5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB='k'], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:14 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:14 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:14 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:15 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x21c6, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:15 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:15 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  418.506427][T16518] binder_alloc: 16517: binder_alloc_buf, no vma
22:04:15 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  418.829904][T16529] binder_alloc: 16527: binder_alloc_buf, no vma
22:04:16 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:16 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487ab"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000001c0)={r1, 0x0, 0x4, 0xffff, 0x623})
r3 = fcntl$getown(r2, 0x9)
get_robust_list(r3, &(0x7f0000000140)=&(0x7f0000000100)={&(0x7f00000000c0)={&(0x7f0000000040)}}, &(0x7f0000000180)=0x18)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  419.279420][T16548] binder_alloc: 16546: binder_alloc_buf, no vma
22:04:16 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487ab"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:16 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:16 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:16 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487ab"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:17 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
tee(r0, r0, 0x8, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x10000, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:17 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374989e7e235e"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:17 executing program 1:
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))

22:04:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:17 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:17 executing program 1:
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x8000, 0x0)

22:04:18 executing program 1:
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:18 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:18 executing program 1:
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
r3 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x4000, 0x0)
ioctl$CAPI_GET_PROFILE(r3, 0xc0404309, &(0x7f0000000140)=0x40000000)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
r4 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x3, 0x400000)
write$rfkill(r4, &(0x7f00000000c0)={0x3d, 0x7, 0x1, 0x0, 0x1}, 0x8)

22:04:18 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:18 executing program 1:
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:18 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, 0x100000000, 0x1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x7f})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=<r2=>0x0)
ptrace$setregset(0x4205, r2, 0x3, &(0x7f0000000180)={&(0x7f0000000240)="d87ed8c0abfa95654bc9e5a90d37b500056ebcc8612ee5d791570037ec161ef4c1aa7da3869a1631bd42bfe2144466b5045f31036c637df1006dbeb9d80bbe0f66221f11f4aeb200c89bb13302aecc616075c5ed84ece6bcc4c2419cea1bdeece38f850adaa00b2627082dca66b6f076549a3890d49b0b7b9cb01a919d81782127c402b468751795dc1ad2edaa6067b73083b5cf67d3fcba826a4e99b72605bc011cf59354e2d82a5694eb93650e2e3fd7", 0xb1})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xff, 0x6, 0x7fff, 0x3, 0x6, 0x4, 0x81, 0x2d7, 0x7, 0x3, 0x4, 0x7, 0x28a, 0x1, 0x101], 0x3000, 0x40})
r4 = syz_open_dev$vbi(&(0x7f0000000300)='/dev/vbi#\x00', 0x2, 0x2)
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000380)={&(0x7f0000f21000/0x3000)=nil, &(0x7f0000c00000/0x400000)=nil, 0x3000, 0x1})

22:04:18 executing program 1:
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374989e"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:19 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

[  422.223455][T16676] binder_alloc: 16673: binder_alloc_buf, no vma
22:04:19 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:19 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2)
ioctl$UI_SET_SWBIT(r3, 0x4004556d, 0xa)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:19 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

[  422.421350][T16684] binder_alloc: 16681: binder_alloc_buf, no vma
22:04:19 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  422.757972][T16701] binder_alloc: 16700: binder_alloc_buf, no vma
22:04:19 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000000040)={0x3, 0x2})

22:04:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:19 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:20 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

[  423.080832][T16714] binder_alloc: 16710: binder_alloc_buf, no vma
22:04:20 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb37498"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:20 executing program 2:
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x101000, 0x0)
ioctl$VIDIOC_G_ENC_INDEX(r0, 0x8818564c, &(0x7f0000000240))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x458, 0x50000)
ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f00000000c0)=@generic={0x1, 0x3, 0xc9})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4400ae8f, &(0x7f0000000000))

22:04:20 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

[  423.457849][T16730] binder_alloc: 16726: binder_alloc_buf, no vma
22:04:20 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:20 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

[  423.754347][T16739] binder_alloc: 16737: binder_alloc_buf, no vma
22:04:21 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r0)
ioctl$UI_SET_PROPBIT(r2, 0x4004556e, 0xf)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
ioctl$HIDIOCGUSAGES(r1, 0xd01c4813, &(0x7f0000001480)={{0x1, 0x2, 0x2, 0x20, 0xffffffffffffffff, 0x7}, 0x1bc, [0x0, 0x8, 0x3f, 0x2ba, 0x1, 0xd45, 0x40, 0x9, 0x3, 0xfffffffffffffffc, 0x4, 0x6, 0x6a, 0x6, 0x800, 0x9a4e, 0x6, 0x9, 0x1, 0x101, 0x100, 0x3, 0x4, 0x800, 0x93f, 0x80000001, 0x10001, 0x10000, 0x4, 0xffffffffac7789cd, 0xffffffffffffff0b, 0x6, 0xfbb, 0x7f, 0x3, 0x7, 0x80000001, 0x24, 0x81, 0x3, 0x7fff, 0x9, 0x6, 0x7, 0xed, 0x7, 0x81, 0x9, 0xa5, 0xffffffffbd8b3333, 0x8, 0x6, 0x401, 0x5, 0x0, 0x8, 0x3, 0x6f, 0x1, 0x100, 0x0, 0x800, 0x4, 0x649e, 0x81, 0x1, 0x1ff, 0x1000, 0x4, 0x3ff, 0x3, 0x5, 0x8000, 0x7, 0x0, 0x2, 0x0, 0x38, 0x2f0b, 0x6, 0x3ff, 0x9, 0x10001, 0x10001, 0x1000, 0xe472, 0x7, 0xfffffffffffff801, 0x7, 0x9, 0x5, 0x98, 0x401, 0x1, 0x6ff6df48, 0x2, 0x10001, 0x1, 0x4, 0x8, 0x1, 0x2, 0x1, 0xd4a6, 0xae, 0x81, 0x6, 0x0, 0x10001, 0xfffffffffffffff8, 0x0, 0xffffffff, 0x2, 0x0, 0x7, 0xdd, 0x3, 0xffff, 0x100, 0x47, 0x7, 0x7fffffff, 0xf6b, 0x1, 0x70, 0xffffffffffffffb5, 0x0, 0x0, 0x0, 0x6, 0x600000000000, 0xfff, 0x6, 0x8, 0xf051, 0xa2a, 0xffffffffffffffff, 0x1, 0x40, 0x2, 0x7, 0xffffffff, 0x8000, 0x6, 0x6a11, 0x2, 0x7, 0x80, 0x7fffffff, 0x798, 0x1, 0x1, 0x9, 0x1, 0x2, 0xb2a8, 0xe6, 0x1, 0x3, 0x4160, 0x20, 0x4, 0x1, 0x7, 0x10c, 0x100000001, 0x100000000, 0xe0000000, 0x1, 0x0, 0x1, 0xfffffffffffffffa, 0x6, 0xf74a, 0x5, 0x8001, 0x9, 0x2, 0x2, 0x3, 0xa2c, 0x0, 0x67, 0x1, 0x0, 0x2, 0x9, 0xfffffffffffffff8, 0x9, 0x4, 0x2, 0x8, 0x681e, 0x6, 0x81, 0x3f, 0x4, 0x3, 0x200, 0x40, 0x9, 0x20, 0x65, 0x9, 0x173afa31, 0x9, 0x3, 0x9, 0x6, 0x6, 0x0, 0x8000, 0x81, 0x0, 0x8a, 0x3526, 0x6302, 0x0, 0x10000, 0xff, 0x5, 0x59c0, 0x7, 0x4102, 0x1, 0x0, 0x7fffffff, 0x2, 0x3ff, 0xfff, 0x5, 0x0, 0x40, 0xb8, 0x101, 0xab5, 0x20, 0x3, 0x14d, 0x9, 0xff, 0x101, 0x9, 0x808, 0x3, 0x1, 0x50000000000, 0x9, 0x2, 0x1, 0x4, 0x2, 0x3ff, 0x1, 0x7, 0x5775e0be, 0x4, 0x5, 0x1, 0x7, 0x6, 0x873e, 0x5, 0x0, 0x7fff, 0x6, 0x7ff, 0x344, 0x1, 0x0, 0x1, 0x18b, 0x0, 0x1b0, 0x32ec021e, 0x40, 0x10000, 0xab3, 0x100000000, 0x5, 0xffff, 0x5, 0xfa9, 0xbec1, 0x7, 0x4, 0xd2e3, 0xa3, 0x0, 0x4, 0xfe8f, 0xf6, 0x3, 0x1ff, 0x20000, 0x5, 0xfffffffeffffffff, 0x80000001, 0x2, 0x3, 0x5, 0x7eb, 0xfff, 0x44, 0x8ec0, 0x8, 0x977, 0x9510, 0x3, 0x0, 0xbc9a, 0x8, 0x1, 0x7, 0x7fff, 0x7, 0x9, 0x2, 0x9, 0x1, 0xcb4, 0xfffffffffffffff8, 0x2, 0x2, 0x3, 0x0, 0x1f, 0xffff, 0xffff, 0x7, 0x5, 0x8, 0x6, 0x3, 0x81, 0xfffffffffffffff8, 0x81, 0x5, 0x8, 0x40, 0x1, 0xd0, 0x80000000, 0x1, 0x7fff, 0x7, 0x10000, 0x8, 0x9, 0x7, 0xff, 0x7ff, 0x3, 0x0, 0x80000001, 0x2, 0x5, 0x5, 0x8000000000000, 0xfffffffffffffc00, 0x7be, 0x4, 0x2, 0x6, 0x8, 0xf8, 0x10, 0x101, 0x983, 0x9, 0x8, 0x7, 0x3, 0x1ff, 0x7, 0x100, 0x5, 0x101, 0x2, 0xff, 0x3, 0x6, 0x0, 0x401, 0x1f, 0x7f, 0x9, 0x0, 0x200, 0x66dc, 0x3, 0x9, 0x6, 0x8, 0xa12, 0xfffffffffffffff8, 0x0, 0x2, 0x2, 0xff, 0x9, 0xfffffffffffffff8, 0x7, 0x9, 0x578b02cc, 0x7, 0x4, 0x3, 0x4, 0x6, 0x8000, 0x2, 0x6, 0xff97, 0x7f, 0x0, 0x9, 0xffffffffffffff80, 0x80000000, 0x0, 0x4, 0x1, 0x7fffffff, 0x3, 0x1, 0x6, 0x7, 0x2, 0x6, 0x8, 0x6, 0x3, 0x1000, 0x9, 0x1, 0x8bcc, 0x8, 0x1000, 0x8, 0x3, 0x5, 0x1, 0x0, 0x40, 0x1, 0xffff, 0xcd, 0x4, 0x1, 0x9, 0x0, 0x8, 0x2, 0x80000001, 0x6, 0x800, 0x1000, 0x80, 0xc15a, 0x4, 0x6, 0x3eb, 0x5, 0x800, 0x0, 0xffffffff, 0x1, 0x6, 0xfffffffffffffffa, 0x6, 0x1, 0x7, 0xfffffffffffffdc4, 0x4, 0x1f, 0xfffffffffffffff7, 0x9, 0x9e86, 0x8, 0x0, 0x1000, 0x9, 0xdc3, 0x4, 0x99, 0x1, 0x6, 0x5, 0x4, 0x8, 0x77, 0x4, 0x2f6, 0x8, 0x8000, 0x8, 0x6, 0x0, 0xb7, 0x22af, 0x1, 0xffffffff, 0x100, 0x80000000000000, 0xe2, 0x1, 0x95b, 0x1, 0x9, 0x8, 0x6, 0x1000, 0x1, 0x5d6c, 0xda84, 0xffffffffffffffe0, 0x5, 0xdc9a, 0x1, 0x4, 0x3ff, 0x5, 0x10001, 0x4, 0x13, 0x794, 0xfffffffffffffffc, 0x8001, 0x3, 0xba5, 0x0, 0x7, 0x7fff, 0x1, 0x9, 0x81, 0x100000001, 0x101, 0x6, 0x101, 0x100, 0xa5ba, 0x100000000, 0xfff, 0x3, 0x3, 0x2, 0x1e, 0x93c0, 0x4, 0x6, 0x400, 0x3ff, 0x4f, 0x6, 0x8f, 0x9, 0x1, 0x4, 0x0, 0x3, 0x2, 0x0, 0x3, 0x2e2b, 0x100000001, 0x2, 0x2, 0x7, 0x100, 0x1a, 0x2, 0x400, 0x9, 0xfd3, 0xffffffff, 0x6c84f5ed, 0x5, 0xfffffffffffffffe, 0x9, 0x9, 0x100000000, 0x3, 0x5, 0x7, 0x8, 0x5, 0x0, 0x12, 0x5, 0x8, 0x3, 0x37e50ce1, 0x9, 0x401, 0x5, 0x0, 0xffff, 0x7ff, 0x100000000, 0x1, 0x3, 0x7fffffff, 0x0, 0x4, 0x81, 0xfffffffffffffffb, 0xffffffff, 0x5, 0x20, 0xf, 0x1, 0x5, 0x2, 0x3e, 0x8000, 0x651, 0x8, 0x1, 0x401, 0xb05, 0xd6, 0x1, 0x4, 0xb86, 0x20, 0x5, 0x4, 0x3, 0x101, 0x6, 0x2fa4, 0x4, 0x3, 0x0, 0x7, 0x8, 0x4, 0x40, 0x7, 0x0, 0x8000, 0x1ff, 0x9, 0x46ac, 0x9, 0x1, 0xff, 0x1, 0x8001, 0x6, 0x0, 0x45db, 0x1, 0x2117, 0x3, 0x8, 0x86, 0x4, 0x7, 0x0, 0xfff, 0x1, 0x134, 0x7, 0x3, 0x6, 0x80000000, 0xb9, 0x1, 0x7f, 0x5, 0x100, 0x9, 0x2e8, 0x1, 0x490, 0x401, 0x100000001, 0xfffffffffffff349, 0xd4, 0x4dd, 0xfffffffffffff001, 0x20, 0x0, 0x401, 0x9e61, 0x1, 0x7, 0x2, 0x2, 0x4, 0x9, 0x7, 0x7, 0x1f, 0x8, 0x8, 0x7f, 0x2, 0xfffffffffffffffa, 0x20, 0xffff, 0x400, 0x1f, 0x8, 0x4, 0x9, 0x7, 0xa0, 0x1, 0x43c5f398, 0x3, 0x400, 0x0, 0x7, 0x9, 0x8, 0x3, 0x7502, 0x8f06, 0x79a9c39b, 0x5, 0x8, 0x1000200000000, 0xfffffffffffffffe, 0x9, 0x1, 0x6, 0x7f, 0x6, 0x80000000, 0x9, 0x6, 0x7ff, 0x7, 0x100, 0x1, 0x2, 0x7, 0x80, 0x9, 0xffffffffffffff01, 0x2, 0x20, 0x7, 0x7440, 0x1, 0xc719, 0x5, 0x8b4, 0x8c, 0x9, 0x8, 0x8, 0x5b, 0x5, 0x1, 0xfffffffffffffc00, 0x80d0, 0xff, 0x0, 0x8, 0x0, 0x4, 0xb9b, 0xfffffffffffffff9, 0x5, 0x1, 0x8, 0x7, 0x7, 0x9, 0x7, 0xfff, 0xffffffffffff0001, 0x529c, 0x1f, 0x7, 0x1, 0x99, 0x10001, 0x7fffffff, 0x0, 0x9, 0x4, 0x7, 0x8, 0xe51, 0x5, 0xffff, 0x3, 0xc38, 0x9, 0x7ff, 0x0, 0x20000000000, 0x383, 0xfffffffffffffd20, 0xa96f, 0xffff, 0x5, 0x4, 0x9, 0x2, 0x0, 0x4c5cfc32, 0x1, 0x80000001, 0x1, 0x3d, 0x100, 0x3, 0xa8, 0x7fffffff, 0xd6, 0x0, 0x1, 0x81, 0x100000001, 0x2, 0x1, 0x2, 0x81, 0x5, 0x1000, 0x0, 0xb9, 0x9, 0x50f5, 0x1, 0x6, 0x6, 0x101, 0x7fff, 0x1, 0x0, 0x6, 0xb69e, 0x1, 0x20, 0x6, 0x8, 0x4, 0xe5d4, 0x3f, 0x8, 0xce8, 0x6, 0x80, 0x400, 0x7, 0x0, 0x8, 0x7, 0x101, 0x3ff, 0x2, 0x7fffffff, 0x7ff, 0x1, 0x5, 0x4, 0xff, 0xa2b9, 0x18, 0x401, 0x1ff, 0x2, 0x667446d8, 0x7, 0x7fffffff, 0x7f, 0x7, 0x5, 0x8, 0x0, 0x9, 0x3, 0x9, 0x0, 0x79, 0x2, 0xffff, 0x0, 0x1, 0xee, 0x1b24, 0x39a6, 0x5, 0x8, 0x2, 0x0, 0x6, 0x400, 0x8, 0x1, 0x0, 0x3f, 0x7ff, 0x7, 0x3ff, 0x9, 0x1, 0xffffffffffff8001, 0xffffffff7fffffff, 0xffffffff, 0x2, 0x3, 0x2, 0x6, 0x9, 0x400, 0x10000, 0x6, 0x5, 0x9, 0x80, 0x7, 0x8001, 0x1, 0xd3b, 0x9, 0x0, 0x9, 0x100000001, 0x3, 0x2, 0xb8d, 0x6, 0x4, 0x80, 0x8, 0xf27, 0x6, 0x6c01, 0x7, 0x24c9f3b6, 0x73, 0x99, 0x9, 0x8, 0x1, 0x49b7, 0x8, 0x8, 0x7fffffff, 0x0, 0x0, 0xfe, 0x4, 0x6, 0x80000000, 0x6, 0x80000001, 0x7fffffff, 0x1, 0x401, 0x3, 0x7, 0x3d1f, 0x9, 0xe7, 0x100000000, 0x5, 0x2, 0x800, 0x0, 0x0, 0x3f, 0x0, 0x2, 0x5, 0xe9, 0x80000000, 0x6, 0x6, 0x80000001, 0x9, 0xff, 0x3, 0x90, 0x4, 0x0, 0x1, 0x2, 0x100000001, 0x4, 0x400, 0x800, 0x7f, 0x0, 0x5, 0x4, 0x38c, 0x81, 0xfff, 0x1, 0x9, 0x7, 0x5, 0xfffffffffffff0b1, 0x8, 0x100000000, 0x0, 0x3ff, 0x4, 0x6, 0x89, 0x2, 0x3, 0xfffffffffffffffe, 0x0, 0x81, 0x1, 0x9, 0x1000, 0x83, 0x3, 0x0, 0x6, 0x8, 0x401, 0x8]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000a40)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c8103ec93a40c8a4d4412a763b00040000000000003c5ca206c047ecee78e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1efc5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10eed2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f1f00000000000000e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e31519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a801655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e4a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f092613e28387e955722908dd88b56163be8312ff47c5b6f28c747974da8b04971a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4400ae8f, &(0x7f0000000000)=0xfffffffffffffffe)

22:04:21 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:21 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:21 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:21 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:21 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb3"], &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  424.848636][T16791] binder_alloc: 16789: binder_alloc_buf, no vma
[  424.886738][ T3865] binder: unexpected work type, 4, not freed
22:04:22 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x4, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x10000, 0x0)
eventfd2(0x100, 0x801)
read$hiddev(r3, &(0x7f00000001c0)=""/31, 0x10c)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
close(r2)

22:04:22 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], &(0x7f00000002c0)=0x1)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:22 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

[  425.218028][T16801] binder_alloc: 16800: binder_alloc_buf, no vma
[  425.247791][   T17] binder: unexpected work type, 4, not freed
22:04:22 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x400, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000000c0)={<r4=>0x0, 0x800}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000240)={r4, 0xc4, "178a3fe1ba2f7957e6200bd818138f4d9f8b98b5db480528aa4a43d9bfaae4c2423552b0a6a645d0c5f0989e1ec4b8f532f9f31e767ae5f805c1e34ddeae8254524d3d7194dc4c5f4c3c208c556cf3a0947ffdc92798bf87d2ada9bf569b923bc067b0211b5bbd8406dac09152c2eba9dfcbbee40e076880e7ce2cb7a8be26bfc07fb24ce5ed3d99dfb97e409484c5300bcdbbeada567ff48ad2db4d4edd29fcbf179459108a9efbe049cdcc76968eeffad60f1f286ae4b4715e021dfc0f0ea5dbf6a00a"}, &(0x7f0000000140)=0xcc)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:22 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], &(0x7f00000002c0)=0x1)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  425.635240][T16822] binder_alloc: 16819: binder_alloc_buf, no vma
[  425.666875][ T3865] binder: unexpected work type, 4, not freed
22:04:22 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], &(0x7f00000002c0)=0x1)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:22 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

[  425.946396][T16835] binder_alloc: 16834: binder_alloc_buf, no vma
[  426.029364][ T3865] binder: unexpected work type, 4, not freed
22:04:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440))
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in=@remote, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@loopback}}}, &(0x7f0000000040)=0xe8)
sendmsg$xdp(r1, &(0x7f0000000380)={&(0x7f00000001c0)={0x2c, 0x6, r3, 0x1}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000240)="0e180ffddf0bf9f5979d1840929a", 0xe}, {&(0x7f0000000280)="a94135e20ebc8e04b4595f9347fd49a31a9fb01655f672ec1005262a46c32cae20ef17dbc20899fdd461e5ea1b4adc9cb10873f69f2e7e37c083852d21aa1af0065e4a2b5eb7a41ff49ec42fedfa89e45f3d7ca2c37f34d29589c4ebd202cbd2f4d5c4236fb15c73120df549729e2f786c1f5ddf6338c659aeb050f329f5eb2d97e4b189e52e5793d958", 0x8a}], 0x2, 0x0, 0x0, 0x800}, 0x4000040)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sysfs$1(0x1, &(0x7f0000000480)='nr0\x00')
ioctl$sock_SIOCBRADDBR(r4, 0x89a0, &(0x7f0000000400)='nr0\x00')

22:04:23 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:23 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

[  426.415369][T16856] binder_alloc: 16855: binder_alloc_buf, no vma
[  426.454771][ T3865] binder: unexpected work type, 4, not freed
22:04:23 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))

22:04:23 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x81, 0x4)
ioctl$TIOCSLCKTRMIOS(r2, 0x5457, &(0x7f0000000140))
io_submit(0x0, 0x244, &(0x7f0000001440)=[&(0x7f0000000040)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, r2}])
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
syz_open_dev$admmidi(&(0x7f00000001c0)='/dev/admmidi#\x00', 0x4617, 0x101280)
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4400ae8f, &(0x7f0000000000))

22:04:23 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

[  426.737891][T16864] binder_alloc: 16863: binder_alloc_buf, no vma
[  426.822063][   T17] binder: unexpected work type, 4, not freed
22:04:23 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))

[  427.000479][T16880] binder_alloc: 16878: binder_alloc_buf, no vma
[  427.025485][   T17] binder: unexpected work type, 4, not freed
22:04:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x0, 0x0)
getpeername(0xffffffffffffffff, &(0x7f0000000240)=@ll={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000002c0)=0x80)
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@dellink={0x34, 0x11, 0x802, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, 0x80, 0x44400}, [@IFLA_BROADCAST={0xc, 0x2, @local}, @IFLA_TXQLEN={0x8, 0xd, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x10)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4400ae8f, &(0x7f0000000000))

22:04:24 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:24 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))

[  427.305249][T16890] binder_alloc: 16889: binder_alloc_buf, no vma
[  427.337175][   T17] binder: unexpected work type, 4, not freed
22:04:24 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

[  427.573523][T16903] binder_alloc: 16902: binder_alloc_buf, no vma
[  427.614908][   T17] binder: unexpected work type, 4, not freed
22:04:24 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:24 executing program 2:
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
ioctl$TIOCNXCL(r1, 0x540d)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0xffffffffffffffef, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x7, 0x2, 0xf002, 0x1000, &(0x7f0000fff000/0x1000)=nil})
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f00000000c0)={0x80000000, 0x4, 0x7, 0x6, 0x5})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000240)="c89172bc1a81389f3bf19aeb581129a9651d489c524583e40b8376b966caf4408c40de4251c2d468e2db2220fcf36578c7394a53f05830f4ada559ee702166971db984058e95d81eecdac11a8fbbe47413d832be77262bb35d0259d0d541ed1b8fabf127347ba2e99f33d560334ef0301e44a24eb8ae013e11a047451540c4f73161c4fc7994b45a0ff2c03664fe41f80515a8ee56b01bb4be578f17c059")
ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000080))
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4400ae8f, &(0x7f0000000000))

22:04:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, 0x0)

22:04:24 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

[  427.829256][   T17] binder: unexpected work type, 4, not freed
22:04:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x208200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000040)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340)}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))

22:04:25 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, 0x0)

[  428.176877][ T3865] binder: unexpected work type, 4, not freed
22:04:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x200080, 0x0)
ioctl$TUNGETFILTER(r3, 0x801054db, &(0x7f0000000100)=""/136)

22:04:25 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:25 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="6b00000012b5d0d77ea70b0827aa4aa4b9ba5e696aee8411c4bb3f1d35b35764e9f8c2acdf1807c48487abb374"], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, 0x0)

[  428.464584][ T3865] binder: unexpected work type, 4, not freed
22:04:25 executing program 1:
syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340), 0xfdef}])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="c89172bc1aed9cd0f196cc710beae8a58f6281389f3bf19aeb581129a9651d489c52")
r3 = syz_open_dev$video4linux(&(0x7f0000000100)='/dev/v4l-subdev#\x00', 0x6, 0x80003)
ioctl$VIDIOC_ENCODER_CMD(r3, 0xc028564d, &(0x7f0000000140)={0x0, 0x1, [0x4, 0x9, 0x7, 0x7, 0x5, 0x20, 0x4, 0x41]})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4400ae8f, &(0x7f0000000000))
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x440000, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r4, 0x227b, &(0x7f00000000c0)=0x1)

22:04:25 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:25 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x16, 0x0, 0x40002, 0x2, 0x0, 0x1}, 0x3c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r1, 0x0, &(0x7f0000000140)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, 0x0, &(0x7f0000000040)=""/1}, 0x18)

22:04:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:26 executing program 1:
syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:26 executing program 5:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/uinput\x00', 0x0, 0x0)
ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000000)={0x10})

22:04:26 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/tcp\x00\xcdWq\xe9*\a4g\a^\x90\xb6\xe4kH2\x80/\x88\xb6\xbb\xeb`\xb8@#\x83tH\xae\xa4y\x1d\\]\x93\x93\xb5e\xd9\xd4\xb8A# \xc8*s\xd0g>\x16\xabM\x7foK\xec\x17f\xb9x\x11\xbf\xab\x16\xc5\xcb\x94\xff\x1c\xa0\x01\xb3I\x1c\xb9\xcc\xbb\xbe\x9c\xd0!\x13\xe1\xbc.\xfaG3\x85\xe0,')
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000200)=""/172, 0xac}], 0x1)

22:04:26 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:26 executing program 1:
syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:26 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

[  429.483651][T16986] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:04:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r1, r2)

22:04:26 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x6, 0x0, "f3da92989018f537964c887d406980e18c64a060fb1579d419751cbc43f5ddcfee8621f31aea451bb263fb5e7be8d0cde28b17b69f78a4bbfecef6de41bbb96a222c49c870d55f609c42295d183e57db"}, 0xfc76)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2010000000000022, &(0x7f0000000080)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
sendto$inet6(r1, &(0x7f0000000100)="84", 0x1, 0x80000000200400d4, 0x0, 0x0)

22:04:26 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:26 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r1, r2)

22:04:26 executing program 5:
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
read$FUSE(r0, &(0x7f0000000580), 0x1000)
read$FUSE(r0, &(0x7f0000002000), 0x215)
write$FUSE_INIT(r0, &(0x7f0000000480)={0x50, 0x0, 0x1}, 0x50)
rename(&(0x7f0000000000)='./file0/file1\x00', &(0x7f0000000040)='./file0/file1\x00')
write$FUSE_ENTRY(r0, &(0x7f0000000340)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bd4}}}, 0x90)

22:04:26 executing program 2:

[  429.936133][T17002] binder: 17000:17002 ioctl c0306201 0 returned -14
22:04:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r1, r2)

22:04:27 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:27 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:27 executing program 2:

22:04:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:27 executing program 2:

[  430.498859][T17025] binder: 17021:17025 ioctl c0306201 0 returned -14
22:04:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:27 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:27 executing program 2:

22:04:27 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:28 executing program 5:

22:04:28 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

[  430.991799][T17041] binder: 17040:17041 ioctl c0306201 0 returned -14
22:04:28 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'\xd6eth0Pto_bridge\x00', 0x803})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, 0x0)

22:04:28 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:28 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:28 executing program 5:

22:04:28 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:28 executing program 2:

22:04:28 executing program 5:

22:04:28 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:28 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:29 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:29 executing program 2:

22:04:29 executing program 5:

22:04:29 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:29 executing program 2:

22:04:29 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:29 executing program 5:

22:04:29 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:29 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:29 executing program 2:

22:04:29 executing program 5:

22:04:29 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:30 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:30 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:30 executing program 2:

22:04:30 executing program 5:

22:04:30 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:30 executing program 5:

22:04:30 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:30 executing program 2:

22:04:30 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:30 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:30 executing program 5:

22:04:30 executing program 5:

22:04:31 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:31 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:31 executing program 2:

22:04:31 executing program 5:

22:04:31 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:31 executing program 2:

22:04:31 executing program 5:

22:04:31 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:31 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:31 executing program 2:

22:04:31 executing program 5:

22:04:31 executing program 2:

22:04:31 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:31 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:31 executing program 2:

22:04:31 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:32 executing program 2:

22:04:32 executing program 5:

22:04:32 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000200), 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:32 executing program 5:

22:04:32 executing program 2:

22:04:32 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000200), 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:32 executing program 5:

22:04:33 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:33 executing program 2:

22:04:33 executing program 5:

22:04:33 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000200), 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:33 executing program 5:

22:04:33 executing program 2:

22:04:33 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:33 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:33 executing program 2:

22:04:33 executing program 5:

[  436.554247][   T17] binder: unexpected work type, 4, not freed
22:04:33 executing program 2:

22:04:34 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:34 executing program 5:

22:04:34 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:34 executing program 2:

22:04:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:34 executing program 5:

[  437.102956][ T3865] binder: unexpected work type, 4, not freed
22:04:34 executing program 2:

22:04:34 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:34 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:34 executing program 5:

22:04:34 executing program 2:

[  437.544759][ T3865] binder: unexpected work type, 4, not freed
22:04:34 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)

[  437.662189][T17272] binder: 17271:17272 ioctl c0306201 0 returned -14
[  437.673456][ T3865] binder: unexpected work type, 4, not freed
22:04:35 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:35 executing program 2:

22:04:35 executing program 5:

22:04:35 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)

22:04:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:35 executing program 2:

[  438.139784][T17284] binder: 17279:17284 ioctl c0306201 0 returned -14
22:04:35 executing program 5:

[  438.191202][ T3865] binder: unexpected work type, 4, not freed
22:04:35 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:35 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)

22:04:35 executing program 2:

22:04:35 executing program 5:

22:04:35 executing program 2:

[  438.578689][T17301] binder: 17300:17301 ioctl c0306201 0 returned -14
[  438.626745][ T3865] binder: unexpected work type, 4, not freed
22:04:36 executing program 2:

22:04:36 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:36 executing program 5:

22:04:36 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:36 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22:04:36 executing program 2:

[  439.100665][ T3865] binder: unexpected work type, 4, not freed
22:04:36 executing program 5:

22:04:36 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:36 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22:04:36 executing program 2:

22:04:36 executing program 5:

22:04:36 executing program 5:

[  439.580882][   T17] binder: unexpected work type, 4, not freed
22:04:37 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22:04:37 executing program 2:

22:04:37 executing program 5:

22:04:37 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:37 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:37 executing program 2:

[  440.154100][   T17] binder: unexpected work type, 4, not freed
22:04:37 executing program 5:

22:04:37 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})

22:04:37 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:37 executing program 2:

22:04:37 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:37 executing program 5:

[  440.609385][ T3865] binder: unexpected work type, 4, not freed
22:04:37 executing program 5:

22:04:37 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})

22:04:37 executing program 2:

[  440.848741][ T3865] binder: unexpected work type, 4, not freed
22:04:38 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:38 executing program 5:

22:04:38 executing program 2:

22:04:38 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:38 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})

22:04:38 executing program 2:

[  441.216863][   T17] binder: unexpected work type, 4, not freed
22:04:38 executing program 5:

22:04:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:38 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:38 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:38 executing program 2:

22:04:38 executing program 5:

[  441.738465][   T17] binder: unexpected work type, 4, not freed
22:04:39 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:39 executing program 5:

22:04:39 executing program 2:

22:04:39 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:39 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:39 executing program 2:

[  442.225101][   T17] binder: unexpected work type, 4, not freed
22:04:39 executing program 5:

22:04:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:39 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200), &(0x7f0000000240)}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f00000003c0)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:04:39 executing program 2:

22:04:39 executing program 5:

22:04:39 executing program 2:

[  442.832541][   T17] binder: unexpected work type, 4, not freed
22:04:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:04:40 executing program 5:

22:04:40 executing program 2:

22:04:40 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:40 executing program 1:

22:04:40 executing program 5:

22:04:40 executing program 2:

22:04:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:40 executing program 1:

22:04:40 executing program 2:

22:04:40 executing program 5:

22:04:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, 0x0)
dup2(r2, r3)

22:04:40 executing program 5:

22:04:40 executing program 1:

22:04:40 executing program 2:

22:04:41 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:41 executing program 5:

22:04:41 executing program 2:

22:04:41 executing program 1:

22:04:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:41 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, 0x0)
dup2(r2, r3)

22:04:41 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x8c02)
write(r0, &(0x7f0000000000)="b63db5003f0004000000ed69d2bc7037cebc82c2de96aa0faeaa6f16b5d8679c282acc38bbe9cad006c476d6968338de", 0x30)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/183, 0xb7}, {&(0x7f0000000240)=""/247, 0xf7}], 0x2)

22:04:41 executing program 2:
r0 = socket$kcm(0xa, 0x120000000003, 0x11)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040))

22:04:41 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c460800000000000000000000000000007071d1c21e340000000000000000000000400000000000000010"], 0x2d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r0, 0xc0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)

22:04:41 executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c460800000000000000000000000000007071"], 0x15)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r0, 0xc0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)

22:04:41 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x101002)
write$evdev(r0, &(0x7f0000000000)=[{{0x77359400}}], 0x11)

22:04:41 executing program 5:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, 0x0)

22:04:42 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:42 executing program 2:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x200008, 0x0)
utimes(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)={{0x77359400}})
r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

22:04:42 executing program 1:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.threads\x00', 0x2, 0x0)
ioctl$TIOCLINUX7(0xffffffffffffffff, 0x541c, 0x0)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)

22:04:42 executing program 5:
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000340)='./file1\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca)
rename(&(0x7f0000000480)='./file0\x00', &(0x7f0000000440)='./file1/file0\x00')
lsetxattr$security_ima(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='security.ima\x00', 0x0, 0x0, 0x0)
ptrace$getregs(0xffffffffffffffff, 0x0, 0x0, 0x0)

22:04:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:42 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, 0x0)
dup2(r2, r3)

22:04:42 executing program 1:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2779})

22:04:42 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0x400c12f5, &(0x7f0000000080))

22:04:42 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x0}, 0x20)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

22:04:43 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000600)=[{&(0x7f0000000140)=""/179, 0xb3}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x79d1, 0x0, 0x0, 0x800e00757)
shutdown(r0, 0x0)
r2 = socket$inet6_sctp(0x1c, 0x3, 0x84)
dup(0xffffffffffffffff)
shutdown(0xffffffffffffffff, 0x0)
readv(r2, &(0x7f00000008c0)=[{&(0x7f00000002c0)=""/17, 0x11}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8)
shutdown(r1, 0x0)

22:04:43 executing program 1:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0)
write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000080)={0x14}, 0x14)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/igmp6\x00')
preadv(r0, &(0x7f00000017c0), 0x333, 0x1000000)

22:04:43 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000))
dup2(r2, r3)

22:04:43 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:43 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000fe4000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup3(r0, r1, 0x0)
dup2(r1, r2)

22:04:43 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000000)={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}, 0x5c)

22:04:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:43 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw6\x00')
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000200)=""/172, 0xac}], 0x1)

22:04:44 executing program 5:
r0 = add_key$keyring(&(0x7f0000001200)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$assume_authority(0x10, r0)

22:04:44 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @loopback}, 0x1c)
recvmmsg(r0, &(0x7f0000008600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

22:04:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000))
dup2(r2, r3)

22:04:44 executing program 2:
shutdown(0xffffffffffffffff, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_timeval(r0, 0xffff, 0x1006, &(0x7f0000000080)={0xb11}, 0x10)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x412, 0xffffffffffffffff, 0x0)
recvfrom$inet(r0, 0x0, 0x6858695fc74c58aa, 0x0, 0x0, 0x800e00567)
shutdown(r0, 0x0)

22:04:44 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @broadcast}, 0x10)

22:04:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
read(r1, &(0x7f00000000c0)=""/111, 0x6f)
shutdown(r1, 0x0)

22:04:44 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:44 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mknod(&(0x7f00000001c0)='./bus\x00', 0x100c, 0x0)
mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = open$dir(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000600)='./bus\x00', 0x2, 0x0)
write$P9_RATTACH(r2, &(0x7f0000000080)={0x14}, 0xedb1f0d6)
splice(r1, 0x0, r2, 0x0, 0xffffffff, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r3, 0x1000000000013)
read$FUSE(r2, &(0x7f0000000640), 0xffffffef)

22:04:44 executing program 2:
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x80810a, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
pause()
socket$inet(0x2, 0x0, 0x0)
write$FUSE_STATFS(0xffffffffffffffff, &(0x7f00000000c0)={0x60, 0x0, 0x0, {{0x0, 0x0, 0x1000, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x80000001}}}, 0x60)

22:04:44 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x2)
clone(0x1001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)

[  447.756215][T17645] binder_alloc: binder_alloc_mmap_handler: 17643 20ffc000-20fff000 already mapped failed -16
22:04:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:45 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000))
dup2(r2, r3)

22:04:45 executing program 2:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x4}, 0x2)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{r2}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:04:45 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f00000000c0)=""/160, 0x26)
getdents64(r0, 0x0, 0x0)

22:04:45 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bpq0\x00'})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x10010000000034)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000006000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_genetlink_get_family_id$ipvs(0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
wait4(0x0, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

22:04:45 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
add_key$keyring(0x0, &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0x0)
msgget(0x2, 0x0)
keyctl$get_security(0x11, 0x0, &(0x7f0000000940)=""/107, 0x24109a43055880eb)
syz_open_dev$usbmon(&(0x7f0000000300)='/dev/usbmon#\x00', 0x0, 0x145000)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)

22:04:45 executing program 2:
shutdown(0xffffffffffffffff, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_timeval(r0, 0xffff, 0x1006, &(0x7f0000000080)={0xb11}, 0x10)
recvfrom$inet(r0, 0x0, 0x6858695fc74c58aa, 0x0, 0x0, 0x800e00567)
shutdown(r0, 0x0)

22:04:45 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(0xffffffffffffffff, r3)

22:04:45 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:45 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mknod(&(0x7f00000001c0)='./bus\x00', 0x100c, 0x0)
mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = open$dir(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000600)='./bus\x00', 0x2, 0x0)
write$P9_RATTACH(r2, &(0x7f0000000080)={0x14}, 0xedb1f0d6)
splice(r1, 0x0, r2, 0x0, 0xffffffff, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r3, 0x1000000000013)
read$FUSE(r2, &(0x7f0000000640), 0xffffffef)

22:04:45 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000380)='/dev/loop#\x00', 0x0, 0x0)
readahead(r0, 0x0, 0x0)

22:04:46 executing program 2:
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000340))
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000540)={0x670, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e23, @multicast1}}}, 0x108)
r1 = getpid()
rmdir(&(0x7f0000000200)='./file0\x00')
ioperm(0x8, 0x0, 0x0)
r2 = getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000004540), &(0x7f0000004580)=0xc)
syslog(0x9, &(0x7f0000000240)=""/62, 0x3e)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000180)=@get={0x1, 0x0, 0xfffffffffffff801})
sendmmsg$unix(r0, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000010000000100", @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB="3000000000000000010000000100", @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="240000000000000001000000010000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xba, 0x90}, {&(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1c0001880000020032d7", @ANYRES32=r1, @ANYRES16, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYRES64=0x0, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB="ba9fd6fa0ae62cb4f4d3260ca6ea7414d04a468f0317323156a50b6edf", @ANYRES32, @ANYBLOB], 0x9d, 0x804}], 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r3 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r3, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

22:04:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:46 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000600)=[{&(0x7f0000000140)=""/179, 0xb3}, {0x0}, {0x0}, {0x0, 0x36d}, {0x0, 0x3d8}, {0x0, 0xfd04}, {0x0}], 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x79d1, 0x0, 0x0, 0x800e00757)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000080)=""/178, 0xb2}], 0x1}, 0x0)
shutdown(r1, 0x0)
shutdown(r2, 0x0)

22:04:46 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x3)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x3)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)

22:04:46 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(0xffffffffffffffff, r3)

22:04:46 executing program 1:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{r2}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:04:46 executing program 2:
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000001840)={{0x80}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \xd6\xf7\xbf\x19\x8f\xb3\x01\xd6\x00'})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000040)={{0x0, 0x1}, {0x80}})
dup2(r2, r0)

22:04:46 executing program 2:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}], 0x3}, 0x2)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{r2}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:04:46 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @multicast2}, 0xc)

22:04:46 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(0xffffffffffffffff, r3)

22:04:47 executing program 5:
clone(0x7ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='stat\x00')
socketpair$unix(0x1, 0x2000000002, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
exit(0x0)
sendfile(r1, r0, 0x0, 0x100000002)

22:04:47 executing program 1:
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000140)=0x401, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000040)=0x80000000002, 0x4)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0)
recvmmsg(r0, &(0x7f00000001c0), 0x40000000000025c, 0xea225aec34b1dd0e, 0x0)

22:04:47 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:47 executing program 2:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(0x0, 0x0, 0x9b)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:04:47 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
msgget(0x2, 0x0)

22:04:47 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
umount2(&(0x7f00000000c0)='./file0\x00', 0x100000000000003)

22:04:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, 0xffffffffffffffff)

22:04:47 executing program 1:
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fstat(r1, &(0x7f0000000680))
write(r1, &(0x7f00000001c0), 0xfffffef3)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
preadv(r2, &(0x7f0000000700), 0x31f, 0x10400003)
read(r2, 0x0, 0x0)

22:04:47 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:48 executing program 2:
clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
select(0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x38)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xc})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

22:04:48 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f00000001c0)=[{}], 0x2466, 0x800000000004c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x9db4f421, 0x0, 0x0, 0x800e009be)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x3}, {r2}], 0x2, 0x1ff)
shutdown(r1, 0x0)

22:04:48 executing program 2:
r0 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x285})

22:04:48 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, 0xffffffffffffffff)

22:04:48 executing program 5:
poll(&(0x7f0000000000)=[{}], 0x1, 0x46)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r1, &(0x7f0000000300)=[{&(0x7f0000000980)=""/246, 0xf6}], 0x1)
shutdown(r0, 0x0)
shutdown(r1, 0x0)

22:04:48 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:48 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000080)='threaded\x00', 0x571237)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000300))
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.origin\x00')

22:04:48 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, 0xffffffffffffffff)

22:04:48 executing program 5:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x50000}]})
lseek(r0, 0x0, 0x0)

22:04:49 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:49 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2)
getsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x91)
getsockopt$inet6_udp_int(r0, 0x11, 0x65, 0x0, &(0x7f0000000100))

22:04:49 executing program 3:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2)
readv(r0, &(0x7f0000002a80)=[{&(0x7f0000001840)=""/127, 0x7f}], 0x1)
write$P9_RLERROR(r0, &(0x7f0000002b00)=ANY=[@ANYBLOB="14"], 0x1)

22:04:49 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f00000000c0)=""/160, 0xa0)
getdents64(r0, 0x0, 0x0)

22:04:49 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:49 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f0000000180), 0x23, 0x1000000004e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xcfb3abb5, 0x0, 0x0, 0x800e00a4f)
poll(&(0x7f0000000140), 0x2000000000000004, 0x1fd)
shutdown(r1, 0x0)
shutdown(r0, 0x0)

22:04:49 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0)
pipe(&(0x7f0000000000))
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000100)=0xffffffff)

22:04:49 executing program 2:
mkdir(0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000f40)={{{@in=@dev, @in=@broadcast}}, {{@in6}, 0x0, @in6=@initdev}}, 0x0)
getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e2800", 0x26}], 0x1}, 0x0)

22:04:49 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/kvm\x00', 0x0, 0x0)
unshare(0x8000600)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0)

22:04:49 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r0)
creat(&(0x7f0000000680)='./bus\x00', 0x0)

22:04:50 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/kvm\x00', 0x0, 0x0)
unshare(0x8000600)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, 0x0)

22:04:50 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x81a0ae8c, 0x0)
dup2(r2, r3)

22:04:50 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x4000000000000004)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r1, 0x0, 0xfffffffffffffea9, 0x20000800, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c5602067fffffff81000000000000dca87086a5c000004f6400940005891550f4a8000000006700008000f0fffeffff09000080fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1)

22:04:50 executing program 3:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x101400, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:50 executing program 1:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, &(0x7f0000000340), 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:50 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000180)=0x1ff, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = perf_event_open(0x0, 0x0, 0x4000000000000002, 0xffffffffffffffff, 0xa)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000000c0), 0x2ba)
recvmsg(r0, &(0x7f00000005c0)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000740)=[{&(0x7f0000003ac0)=""/4096, 0xd400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r2 = getpid()
r3 = getgid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000600)={<r4=>0x0}, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000780)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast1}}, &(0x7f0000000680)=0xe8)
stat(0x0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000010c0))
getgid()
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000240)="1ed6ffce34a4d1312fb0362b65cb0ff657bea4364036fb0e41f21979e7751f0071de15d25628ddfd26926dee4fe6c2dc46cc87654ce2827e95261826933190194b089e4e545878ec2afe5b1411546891", 0x50}, {&(0x7f00000001c0)="75ccdf8e7e6330a93e437bb655a3f2cc1b352d7ac9438b0a515342", 0x1b}, {&(0x7f0000000340)}, {&(0x7f00000003c0)="101dd83a1d3f56370f95a4437afe1da3c48a47efce6d4f22bda832bed475f1d773e00b27aece91b6f19a9da206ec49043d7ed4b678bd75d5a297a0ae68efffa3a1c634add43a87063ff9564c0b0c856b7f3ec7001651", 0x56}], 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32, @ANYRES32=r3, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="0000792a1ab30f3ee1610000010017000000000000000000144f59fd6e070180883eb7a01dd04438f5353ebacb33affea4d68ee9adbba030531004b20c30c98592b0664e3fdc270c019ad49f02cc76a84240972c75d83f6234a4fbf8175e3c0a5782d3a5b77572c599c9a250b0900bd34ef49184f7f2cd623bc3a9e28b2891a8488924a58bef7f4096ae2b6285a1c471dbecb59b59", @ANYRES32=r1, @ANYRES32=r1], 0xd9, 0x20000000}, {&(0x7f0000000a00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000700)=[{&(0x7f0000000a80)="28464e0cbed54a420ffd6449519a057dd57a0ccd7263321988c12c64944dfb23c4703b3ba8055ce25f0284c35168dc7c715e7651465087bdbc62733ca335695cc124962d1fe43aa0ad235bb3b3b9ac938dfa", 0x52}], 0x1}, {&(0x7f0000000c40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001040)=[{&(0x7f0000000cc0)="9a381a28632f2d7d5897464aefa9", 0xe}, {0x0}, {&(0x7f0000000d40)="40ae2627c447a777a0e895f1bd045f2dcac9fddb8ea707cff6730f0cc436fe4e4e254e013e44fdf171b44e2b6d46baf84c996c8fb70f399b4f63ac3f052cdd386379eae5b328ce105d9d7be354e8380612b379875c2955c383a40d906a2f4579df4cff427ec20a6e43eb996d0032b576d555850e8c1cc7522a3a5738592ea45d6e083b386941763a88ef6ecf9452157850d8a9574630d540c0b0d37699724bc1f98a3a25278db335ea628143c2d11da4f60be27685e45e622b19e27977cf674754e45fd96bd79aa1e324", 0xca}, {&(0x7f0000000e40)}, {0x0}, {&(0x7f0000000fc0)="ca22ac2f163f844a620c2c5de2fe82d78a23bf2f971fb79babf7455ed2e1563dcb677ffb0f9b71fffd7cd571f7f800bacf2cd2c9485779cc22ac844e02cec7cd52b0710881d2864a83a5", 0x4a}], 0x6, 0x0, 0x0, 0x40}], 0x3, 0x4000)
write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd)

22:04:51 executing program 5:
r0 = gettid()
write$P9_RRENAME(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, 0x0)
open$dir(0x0, 0x0, 0x0)
ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000180)='./file0\x00')
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace(0xffffffffffffffff, 0x0)
lchown(0x0, 0x0, 0x0)
tkill(r0, 0x1000000000016)

22:04:51 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/kvm\x00', 0x0, 0x0)
unshare(0x8000600)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f0000000140)=""/4096)

22:04:51 executing program 5:
r0 = syz_open_dev$video(0x0, 0x400, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x0, 0x0)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000400)={0x2, 0x2d, 0xd, 0x11, 0x2, 0x6, 0x0, 0xff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f0000000f80)=""/55, &(0x7f0000001000)=0x37)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x4)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x159)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000e80)={0x0, r3, 0x0, 0x14, &(0x7f0000000e40)='security.capability\x00'}, 0x30)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000140))
setsockopt$inet_tcp_buf(r2, 0x6, 0x0, &(0x7f00000001c0)="a075fef96678009413d9678eff9bb516be24fa14c9d851e36240707f74cf807682ed64c3342e1c29998d491344f0d7dbaf076b7793f2f19cdd305111c4f704ccc6dc3c789cfdedc2d6f2d902906565cab80607987d39e5c4cd07d6858bfb750461bfacad9f74dd9b8ae6f08c2833b6fff8077bd0c85e59cf890c25fd", 0x7c)
gettid()
r4 = getpgrp(0x0)
setpriority(0x0, r4, 0x8001)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000380)={0x100000000, 0x5, 0x8, 0x5, 0x2, 0x9, 0xfffffffffffffff8})
r6 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1)
io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f0000000080)=[r5, r2], 0x2)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{}, {0x692, 0x2}]}, 0x18, 0x0)
clone(0x4007fc, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)

22:04:51 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="287474dae6badf3ab85f04000000d2eb", 0x10)
r1 = accept(r0, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000001600)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="34d844e77a55875b3830ac9b788d38f6", 0x10}], 0x1}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000400)="ce08c9afa29b3f4cc437fb2af1644e34", 0x10}], 0x1}}], 0x2, 0x0)

22:04:51 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x1c, 0x1})
dup3(r1, r2, 0x0)
dup2(r2, r3)

22:04:52 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
flistxattr(r1, &(0x7f00000002c0)=""/143, 0x8f)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000002540)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000002500)={&(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000002440)=[@rdma_args={0x48, 0x114, 0x3, {{}, {0x0}, 0x0}}], 0x48}, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000200)=""/155)
eventfd2(0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000003c0))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7, 0x2c01}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:52 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:52 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000040)="390000001300090069000007a2e407edab0080582900000046008107a277001419000a000d000000000003f5000000000000ef38bf461e59d7", 0x3e5}], 0x1)

22:04:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:04:52 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)

22:04:52 executing program 2:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000400)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
fdatasync(0xffffffffffffffff)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
syz_genetlink_get_family_id$team(0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100))
semget(0x0, 0x0, 0x20)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000b00)={'team0\x00'})
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)

[  455.540131][T17989] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  455.549798][T17989] bridge0: port 3(hsr0) entered blocking state
[  455.556306][T17989] bridge0: port 3(hsr0) entered disabled state
[  455.564751][T17989] device hsr0 entered promiscuous mode
[  455.573198][T17989] bridge0: port 3(hsr0) entered blocking state
[  455.579598][T17989] bridge0: port 3(hsr0) entered forwarding state
22:04:52 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:52 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
getpid()
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x10000000013, &(0x7f0000000400)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f00000001c0)='veth1\x00', 0x10)
fdatasync(r1)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x128)
syz_genetlink_get_family_id$team(0x0)
ioctl$NBD_SET_SOCK(r6, 0xab00, 0xffffffffffffffff)
getsockopt$inet_int(r6, 0x0, 0x7, &(0x7f0000000080), &(0x7f0000000100)=0x4)
semget(0x1, 0x3, 0x501)
r7 = semget(0x0, 0x1, 0x20)
semctl$GETZCNT(r7, 0x80000000000, 0xf, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000880)={{{@in=@multicast1, @in=@loopback}}, {{@in=@multicast1}, 0x0, @in=@initdev}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000ac0)={'eql\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000b00)={'team0\x00'})
setsockopt$inet_tcp_int(r5, 0x6, 0x24000000000013, &(0x7f0000000180), 0x4)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r5, &(0x7f0000000280)="de", 0x1, 0x4000054, 0x0, 0x0)
getsockname$inet(r4, &(0x7f0000000140), &(0x7f0000000300)=0x10)
clock_gettime(0x0, &(0x7f0000001a40))
sendmmsg(r5, &(0x7f00000019c0)=[{{&(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, 0x0}}, {{0x0, 0x33f, &(0x7f0000001980), 0x6e}}], 0x2, 0x4000014)
ioctl$DRM_IOCTL_GET_CAP(r4, 0xc010640c, &(0x7f0000000040)={0x4, 0x8})
epoll_ctl$EPOLL_CTL_DEL(r5, 0x2, r3)
dup2(r0, r2)

22:04:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:04:53 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f00001e1000/0x13000)=nil, 0x13000, 0x0, 0x4012, r1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)="bf", 0x1, 0x40048c5, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f00001ee000/0x2000)=nil, 0x2000}, &(0x7f0000000040)=0x10)

[  456.148941][T18013] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
22:04:53 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:04:53 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r2, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x4}}, 0x2e)

22:04:53 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:53 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000280)=ANY=[@ANYBLOB="000000002a59f059925c64f348af7207e3132435b3f6736b88e5e910b8326ca42daa1f44cbd26671945de658fdfcf264e76f11f5287e008ecf61b814e42d34a3fa136417cda430fccfab9f5ce625de0ebaf36c46f79203e20fab12a5d83a9cce765cdc4244b6b75d91a410d9", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000240)=0xc)

22:04:53 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x8)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)

22:04:53 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
dup2(r0, r1)

22:04:53 executing program 5:
r0 = syz_open_dev$video(0x0, 0x400, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x0, 0x0)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000400)={0x2, 0x2d, 0xd, 0x11, 0x2, 0x6, 0x0, 0xff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f0000000f80)=""/55, &(0x7f0000001000)=0x37)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x4)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x159)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000e80)={0x0, r3, 0x0, 0x14, &(0x7f0000000e40)='security.capability\x00'}, 0x30)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000140))
setsockopt$inet_tcp_buf(r2, 0x6, 0x0, &(0x7f00000001c0)="a075fef96678009413d9678eff9bb516be24fa14c9d851e36240707f74cf807682ed64c3342e1c29998d491344f0d7dbaf076b7793f2f19cdd305111c4f704ccc6dc3c789cfdedc2d6f2d902906565cab80607987d39e5c4cd07d6858bfb750461bfacad9f74dd9b8ae6f08c2833b6fff8077bd0c85e59cf890c25fd", 0x7c)
gettid()
r4 = getpgrp(0x0)
setpriority(0x0, r4, 0x8001)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3)
write$apparmor_current(r5, &(0x7f0000000740)=ANY=[@ANYBLOB="6368616e67656861742030303430303030303030303026f8435a6375726974cd2320adc46361706162696c697479002d6d696d655fff00003a0000000069785f61636c5f616363657373005e7573657247504c5b00657d310073656375726974792e6361706162696c697479007b6c6f7b0000000000cefb228074d66a0e6175cae9c2dad5fb0c1c705886f5f5517ed7bf3dc96a32aa3c733f8727bfa037719c2004cc82c1bc6310621f6471eae58a4e4349b171ec2f93ccf9f6973df7bc796ddd733f425ec7d8cd690d0321d2045c321ffd09c87551d9077e3d5be5481c88238d39d20debb3a34d076ada9d4b203d1422c8797da0ec2b0dca97eb8252aef7af0546b3e5c7ac777929f330c2ce5ff47c5433110b0ef5210e6f0759261d5b298f0f0d7a303f3e68f22cb2dd2dc7f2ca3b2a97fa1e00000000000000000000000000001a000000000000000800000000000005fe"], 0x1)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000380)={0x100000000, 0x5, 0x8, 0x5, 0x2, 0x9, 0xfffffffffffffff8})
open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{}, {0x692, 0x2}]}, 0x18, 0x0)
clone(0x4007fc, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)

22:04:53 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x8)
accept4(r0, &(0x7f0000000000)=@tipc=@id, &(0x7f00000000c0)=0x80, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)

22:04:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:53 executing program 1:
io_setup(0x1004, &(0x7f0000000200)=<r0=>0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\r', 0x20000005002})
io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x800000000005, 0x0, r1, 0x0}])

22:04:54 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="287474dae6badf3ab85f04000000d2eb", 0x10)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = accept(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="1c458780f391bf93f0248dbb5dc1566ee7", 0xfffffdef}], 0x1}], 0x1, 0x0)

22:04:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4048ae9b, &(0x7f0000000000))

22:04:54 executing program 1:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))

22:04:54 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:54 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x8)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)

22:04:54 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="287474dae6badf3ab85f04000000d2eb", 0x10)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x800)
r1 = accept(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="1c458780f391bf93f0248dbb5dc1566ee7", 0xfffffdef}], 0x1}], 0x1, 0x0)

22:04:54 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:04:55 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:55 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:04:55 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af3", 0x82}, {&(0x7f00000000c0)="4ff48048a13f027accd9658f67e473ba14", 0x11}, {&(0x7f00000002c0)="89cfff71ddeeef5d5aa0f62c75ea6d3934e3f66db8b65954f1134c7d883673f2bfb447d8c786e0d51c86d4f9ad775f1b2ecf72ee28b04e5fec8daaaad05b53a626ce7d7d16d4c8cbb8606933a40724d7c293e1d4e7264ef99f5f4458ad7209d115e20836072a0bb96eabe4782c", 0x6d}, {&(0x7f0000000100)="1651bd69db4c3312c6c597434027fb4fef206457b79486ebfd8be33a231161afd9adbe5d036b67c8cc78457710cee52520e8cea2526b52e934d756c94f05f71dc5c991fddaae832193a68f19881b28f400814d86fd3194ad46597455dda39e7cd4941b193dee7e4f9750a0398dc5d058fe", 0x71}], 0x4}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0x9f6}])

22:04:55 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:55 executing program 2:

22:04:56 executing program 1:

22:04:56 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:04:56 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x0)

22:04:56 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:56 executing program 1:
r0 = memfd_create(&(0x7f00000002c0)='system.sockprotoname\x00', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r0, 0x0, 0x0)

22:04:56 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:04:56 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0)

22:04:56 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af3", 0x82}, {&(0x7f00000000c0)="4ff48048a13f027accd9658f67e473ba14", 0x11}, {&(0x7f00000002c0)="89cfff71ddeeef5d5aa0f62c75ea6d3934e3f66db8b65954f1134c7d883673f2bfb447d8c786e0d51c86d4f9ad775f1b2ecf72ee28b04e5fec8daaaad05b53a626ce7d7d16d4c8cbb8606933a40724d7c293e1d4e7264ef99f5f4458ad7209d115e20836072a0bb96eabe4782c", 0x6d}, {&(0x7f0000000100)="1651bd69db4c3312c6c597434027fb4fef206457b79486ebfd8be33a231161afd9adbe5d036b67c8cc78457710cee52520e8cea2526b52e934d756c94f05f71dc5c991fddaae832193a68f19881b28f400814d86fd3194ad46597455dda39e7cd4941b193dee7e4f9750a0398dc5d058fe", 0x71}], 0x4}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0x9f6}])

22:04:56 executing program 2:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
rt_sigpending(0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
request_key(0x0, 0x0, &(0x7f0000004740)='eth0)\x00', 0xfffffffffffffffe)

22:04:56 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

22:04:56 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:56 executing program 1:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))

22:04:57 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af3", 0x82}, {&(0x7f00000000c0)="4ff48048a13f027accd9658f67e473ba14", 0x11}, {&(0x7f00000002c0)="89cfff71ddeeef5d5aa0f62c75ea6d3934e3f66db8b65954f1134c7d883673f2bfb447d8c786e0d51c86d4f9ad775f1b2ecf72ee28b04e5fec8daaaad05b53a626ce7d7d16d4c8cbb8606933a40724d7c293e1d4e7264ef99f5f4458ad7209d115e20836072a0bb96eabe4782c", 0x6d}, {&(0x7f0000000100)="1651bd69db4c3312c6c597434027fb4fef206457b79486ebfd8be33a231161afd9adbe5d036b67c8cc78457710cee52520e8cea2526b52e934d756c94f05f71dc5c991fddaae832193a68f19881b28f400814d86fd3194ad46597455dda39e7cd4941b193dee7e4f9750a0398dc5d058fe", 0x71}], 0x4}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0x9f6}])

22:04:57 executing program 2:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)

22:04:57 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

22:04:57 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:57 executing program 1:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12000000013, &(0x7f0000d06000)=0x1, 0xb)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x6a)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000180)=0x80000000001, 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7}, 0x7)
recvmmsg(r0, &(0x7f00000001c0), 0x315, 0xea225aec34b1dd0e, 0x0)

22:04:57 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000080)={0x200})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x6, &(0x7f0000000100)={&(0x7f0000000040)={0xc7, 0x36, 0x829, 0x0, 0x0, {0x1, 0x1000000}, [@nested={0x18, 0x0, [@typed={0x3b, 0x1, @ipv6=@loopback={0xffff000000000000}}]}]}, 0xfde8}, 0x1, 0xffffff7f0e000000}, 0x0)

22:04:57 executing program 2:

22:04:57 executing program 5:

22:04:57 executing program 2:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
socket$inet(0x10, 0x0, 0x0)

22:04:57 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:04:57 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000480)={0x2, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:57 executing program 5:
r0 = semget(0x2, 0x3, 0x200)
semctl$IPC_RMID(r0, 0x0, 0x0)

22:04:58 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

22:04:58 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$rds(0x15, 0x5, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:58 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000900)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000040)=""/172, 0xac}, {&(0x7f0000000100)=""/73, 0x49}, {&(0x7f00000001c0)=""/24, 0x18}, {&(0x7f00000003c0)=""/149, 0x95}], 0x4, 0x0)

22:04:58 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:58 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="287474dae6badf3ab85f04000000d2eb", 0x10)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x800)
r1 = accept(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="1c458780f391bf93f0248dbb5dc1566ee7", 0xfffffdef}], 0x1}], 0x1, 0x0)

22:04:58 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="287474dae6badf3ab85f04000000d2eb", 0x10)
r1 = accept(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="1c458780f391bf93f0248dbb5dc1566ee7", 0xfffffdef}], 0x1}], 0x1, 0x0)

22:04:59 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:04:59 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
tkill(r4, 0x15)

22:04:59 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f2, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_flags})

22:04:59 executing program 5:
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
r2 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x20000001})
dup3(r2, r1, 0x0)

22:04:59 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:00 executing program 2:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

22:05:00 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:00 executing program 1:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f00000002c0), 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r3=>0x0})
sendmsg$can_raw(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r3}, 0x10, &(0x7f00000000c0)={&(0x7f0000000180)=@can={{}, 0x0, 0x0, 0x0, 0x0, "552f30fc1e5e162e"}, 0x10}}, 0x0)
recvmmsg(r0, &(0x7f0000001340)=[{{&(0x7f00000001c0)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x3, 0x0)

[  463.211282][T18271] input: syz1 as /devices/virtual/input/input6
22:05:00 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:00 executing program 1:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="020a0000020000000000344200000000"], 0x10}}, 0x0)

22:05:01 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  464.014503][T18288] input: syz1 as /devices/virtual/input/input7
22:05:01 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22:05:01 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x4})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r2, r3)

22:05:02 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
tkill(r4, 0x15)

22:05:02 executing program 1:
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x20000001})

22:05:02 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:02 executing program 2:
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
r2 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xffffffffffffffff, 0x0, 0x3)
r3 = dup3(r2, r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))

22:05:02 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000080)='threaded\x00', 0x571237)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.origin\x00')

22:05:02 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:02 executing program 1:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002000), 0x1000)
socket$inet_udplite(0x2, 0x2, 0x88)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
r1 = gettid()
lsetxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB='o'], 0x0, 0x0, 0x0)
tkill(r1, 0x1000000000016)
ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000480), 0x1000)

22:05:03 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000080)='threaded\x00', 0x571237)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.origin\x00')

22:05:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:03 executing program 2:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[@ANYBLOB='\b'], 0x1)

22:05:03 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x1, 0x0, [{0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:03 executing program 2:

22:05:05 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
tkill(r4, 0x15)

22:05:05 executing program 2:

22:05:05 executing program 5:
mkdir(0x0, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]})
timer_settime(0x0, 0x0, 0x0, 0x0)

22:05:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:05 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:05 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='/\x00~WM\x04\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aOk\xd1l\xff\xf6\x0f\x8duv\xeb\xbbhE\x14r\xd5\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x0)

22:05:06 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b4", 0x63}, {&(0x7f00000000c0)="4ff48048a13f027accd9658f67e473ba148e7ab6fbd9cc", 0x17}, {&(0x7f0000000100)}], 0x3}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:06 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01", 0x10}], 0x1}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:06 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=@deltfilter={0x24, 0x2d, 0x25, 0x0, 0x0, {0x0, 0x0, {0x2}}}, 0x24}}, 0x0)

22:05:06 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0)
r1 = syz_open_dev$binder(0x0, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r3 = dup2(r1, r0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000a00)={0x8, 0x0, &(0x7f0000000840)=[@release={0x4008630a}], 0x0, 0x0, 0x0})

22:05:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:06 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  469.747437][T18402] binder: BC_ATTEMPT_ACQUIRE not supported
[  469.754255][T18402] binder: 18401:18402 ioctl c0306201 20000a00 returned -22
22:05:08 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:08 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
clock_gettime(0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
close(r0)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video1\x00', 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0xfffffeb0, 0x0, 0x0, 0x0)

22:05:08 executing program 1:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000140)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_SERIAL(r0, 0xc0404309, &(0x7f0000000180))

22:05:08 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
read(r0, &(0x7f0000000080)=""/184, 0xb8)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
poll(0x0, 0x0, 0x8000000000049)
socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(0xffffffffffffffff, 0x0, 0xfffffdfe, 0x0, 0x0, 0x800e00869)
shutdown(0xffffffffffffffff, 0x0)
dup(0xffffffffffffffff)
shutdown(0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0x1c, 0x5, 0x84)
readv(r3, &(0x7f0000000700)=[{&(0x7f0000000000)=""/35, 0x23}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x100000000000000c)
shutdown(r2, 0x0)

22:05:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:08 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:09 executing program 1:
poll(&(0x7f00000001c0)=[{}], 0x20b3, 0x800000000004c)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x9db4f421, 0x0, 0x0, 0x800e009be)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
poll(&(0x7f0000000000)=[{r1, 0x85}], 0x1, 0x0)
poll(&(0x7f0000000040)=[{r1}], 0x1, 0x1ff)
shutdown(r0, 0x0)

22:05:09 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/59, 0x3b}, {0x0}], 0x2)
recvfrom$inet(r1, 0x0, 0x2c2d, 0x0, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

22:05:09 executing program 1:
poll(&(0x7f00000000c0)=[{}, {}], 0x2, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(0x0, 0x0, 0x9b)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:09 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x1b, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/215, 0xd7}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
dup(0xffffffffffffffff)
shutdown(0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0x1c, 0x5, 0x84)
read(r2, &(0x7f0000000100)=""/44, 0x2c)
shutdown(r1, 0x0)

22:05:09 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000680)=[{&(0x7f0000000180)=""/214, 0xd6}, {0x0}], 0x100000000000000c)
r1 = dup(r0)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0x2a80, 0x0, 0x0, 0x800e00506)
shutdown(r2, 0x0)
getpeername(r1, 0x0, &(0x7f0000000080))
recvfrom$inet(r3, 0x0, 0x1789836bed901fc7, 0x2, 0x0, 0x800e0050e)
shutdown(r3, 0x0)

22:05:09 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f00000001c0)=[{}], 0x20b3, 0x800000000004c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x9db4f421, 0x0, 0x0, 0x800e009be)
poll(&(0x7f0000000000)=[{r0, 0xc0}, {r1, 0x4}], 0x2, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x3}, {r2}], 0x2, 0x1ff)
shutdown(r1, 0x0)

22:05:11 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:11 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
readv(r0, &(0x7f0000000740)=[{&(0x7f00000001c0)=""/222, 0xde}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
dup(0xffffffffffffffff)
shutdown(0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0x1c, 0x5, 0x84)
readv(r3, &(0x7f0000000800)=[{&(0x7f0000000040)=""/19, 0x13}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8)
shutdown(r2, 0x0)

22:05:11 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:11 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:11 executing program 2:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}], 0x2}, 0x2)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:11 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f0000000180), 0x23, 0x1000000004e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xcfb3abb5, 0x0, 0x0, 0x800e00a4f)
poll(&(0x7f0000000140), 0x2000000000000004, 0x1fd)
shutdown(r0, 0x0)

22:05:12 executing program 1:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}], 0x2}, 0x2)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{r2}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:12 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000000)=""/8, 0x8}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000580)=""/4096, 0x1000}], 0x1}, 0x0)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r4, 0x0)
read(r2, &(0x7f0000000200)=""/151, 0x97)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

22:05:12 executing program 5:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}], 0x3}, 0x2)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(0x0, 0x0, 0x9b)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:12 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:12 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:12 executing program 1:
poll(&(0x7f00000000c0)=[{}, {}, {}, {}], 0x1a3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}], 0x1}, 0x2)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{r2}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
r4 = gettid()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:15 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f00000001c0)=[{}], 0x20b3, 0x800000000004c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x9db4f421, 0x0, 0x0, 0x800e009be)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
poll(&(0x7f0000000000)=[{r2, 0x85}], 0x1, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x3}, {r2}], 0x2, 0x1ff)
shutdown(r1, 0x0)

22:05:15 executing program 5:
poll(&(0x7f00000000c0)=[{}, {}, {}], 0x3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(0x0, 0x0, 0x9b)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:15 executing program 1:
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000040))
poll(&(0x7f0000000180), 0x23, 0x1000000004e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xcfb3abb5, 0x0, 0x0, 0x800e00a4f)
shutdown(r0, 0x0)

22:05:15 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:15 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:15 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000001800)=[{&(0x7f0000000140)=""/186, 0xba}, {0x0}], 0x2)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xff79, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1}, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e)
shutdown(r4, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/90, 0x5a, 0x0, 0x0, 0x0)
shutdown(r5, 0x0)
shutdown(r3, 0x0)

22:05:15 executing program 1:

22:05:15 executing program 1:

22:05:15 executing program 1:

22:05:15 executing program 1:

22:05:15 executing program 5:

22:05:18 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x15)

22:05:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
dup(r0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
setsockopt$sock_timeval(r1, 0xffff, 0x1006, &(0x7f0000000100)={0x403d, 0xfffffffffffffffc}, 0x10)
r2 = dup(r1)
fcntl$getflags(0xffffffffffffffff, 0x1)
recvfrom$inet(r1, 0x0, 0x530e, 0x2, 0x0, 0x800e0053d)
shutdown(r2, 0x0)

22:05:18 executing program 2:

22:05:18 executing program 5:

22:05:18 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:18 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:18 executing program 5:

22:05:18 executing program 2:

22:05:18 executing program 1:

22:05:18 executing program 5:

22:05:18 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$radio(0x0, 0x0, 0x2)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
clock_gettime(0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
close(r0)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video1\x00', 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0xfffffeb0, 0x0, 0x0, 0x0)

22:05:18 executing program 1:
r0 = open(&(0x7f0000000500)='./bus\x00', 0x141042, 0x0)
close(r0)

22:05:19 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x15)

22:05:19 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$rds(0x15, 0x5, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:19 executing program 2:
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
getpid()
rmdir(&(0x7f0000000200)='./file0\x00')
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000f40)={{{@in=@dev, @in=@broadcast}}, {{@in6}, 0x0, @in6=@initdev}}, &(0x7f0000001040)=0xe8)
getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
syslog(0x9, &(0x7f0000000240)=""/62, 0x3e)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r1 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

22:05:19 executing program 1:

22:05:19 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:19 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:19 executing program 1:

[  482.184444][T18642] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  482.301525][T18644] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
22:05:19 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:19 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af308f1249943c8fdbfab778570e8fc", 0x90}, {&(0x7f00000000c0)="4ff48048a13f027accd9658f67e473ba14", 0x11}, {&(0x7f00000002c0)="89cfff71ddeeef5d5aa0f62c75ea6d3934e3f66db8b65954f1134c7d883673f2bfb447d8c786e0d51c86d4f9ad775f1b2ecf72ee28b04e5fec8daaaad05b", 0x3e}, {&(0x7f0000000100)="1651bd69db4c3312c6c597434027fb4fef206457b79486ebfd8be33a231161afd9adbe5d036b67c8cc78457710cee52520e8cea2526b52e934d756c94f05f71dc5c991fddaae832193a68f19881b28f400814d86", 0x54}, {0x0}], 0x5}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:20 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:20 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
dup2(r2, r3)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x15)

22:05:20 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x10, 0x3, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xd1, &(0x7f0000000000)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="e3"], 0x1}}, 0x0)
ioctl$sock_ifreq(r1, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_flags})
socket$inet(0x10, 0x3, 0x0)

22:05:20 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184c", 0x57}, {&(0x7f00000000c0)}, {0x0}, {&(0x7f0000001480)="9ddc2ec58cf4eb5660a6af80deb70fd9f221e27323288303b710cc2ddd8739102009397fffca0d5abd3c17ec4fd26cd5c608486daf7fb2219b553ffba2b671a7bfdb3d521eb84788f801855b233a8420c68e2c0f4d019e980584d85d3f55f835a8bae7c8da7142b760f563fefa2dff0e77d56f9201851b352f5f12fb0ec140d2170cde5935ce0a51836621d567bc03f79ce51f3c0c4e3e26e50fab77b5c2afc7841407e4b191c66332a60ba3defd3b58b099a2523c47d50f331bf452b8a0d2ead3213269b4834eaac0f9e8df8a0b41603b9735a443a3ef10eb28776a14b69e08c27977a183abbc3bf16cc2830c4d3f9cfd6c1116e1dfda4f0b92af52020f287dd27f1e2cd5625200d9e88ce1c5572b7c2156022bc952b385496997d419217f0c989d9967e30b2458b6b74c9920af31eba18d18b6ff221a02da06dd56eeca9f453a556f2ce06a94419b515018c736ceea5ff7860c4ac86f7dd0e48f0f2a22ab620eb6eb87b0432d148273bd0c4135c2b1eb010fd9db26efcaeed3e723b34206c69457aa8b18d57fc8ad8e7a40ca81af6883666bcbe6e078dbacd60d48a3e53a19cb64b1d79d7581e22e0ae66d0b969796eed30da744f5e974d53c782186e7334282bc5311fd21bf020b6ad72df21a4f7676c0f3206b51f154434270c15ee1db615f2aecc6470c8d4b0810998dbbd2207a55f58c3d671aeffc63edbcb2a370a4f63084580fa1c51afd616c418900c06c2be93a47eba51ad963cebf0eacc993fa7de8733f3602201b028b40", 0x22a}], 0x4}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:20 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:20 executing program 5:
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
getpid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000f40)={{{@in=@dev, @in=@broadcast}}, {{@in6}, 0x0, @in6=@initdev}}, &(0x7f0000001040)=0xe8)
r1 = getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
sendmmsg$unix(r0, &(0x7f0000004c80)=[{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000200), 0x0, &(0x7f00000008c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='(\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00'], 0x5f, 0x90}, {&(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x000\x00', @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32=r1, @ANYRES32, @ANYBLOB, @ANYRES32=r0, @ANYRES64=0x0, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00'], 0x49, 0x804}], 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r2 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

22:05:20 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

[  483.753154][T18694] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
22:05:21 executing program 5:
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
getpid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000f40)={{{@in=@dev, @in=@broadcast}}, {{@in6}, 0x0, @in6=@initdev}}, &(0x7f0000001040)=0xe8)
r1 = getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
sendmmsg$unix(r0, &(0x7f0000004c80)=[{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000200), 0x0, &(0x7f00000008c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='(\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00'], 0x5f, 0x90}, {&(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x000\x00', @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32=r1, @ANYRES32, @ANYBLOB, @ANYRES32=r0, @ANYRES64=0x0, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00'], 0x49, 0x804}], 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r2 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

22:05:21 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:21 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7)
ioctl$PIO_CMAP(r0, 0x4b71, 0x0)

[  484.195968][T18702] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
22:05:21 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4048ae9b, &(0x7f0000000000)={0x0, 0x0, 0x8})
dup2(r2, r3)

22:05:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:21 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:21 executing program 2:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$dmmidi(0x0, 0x6, 0x400)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x4000, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x101400, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480)={0x3, 0x0, [{0xd, 0x81, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x1, 0x1ff, 0x10001, 0x7}, {0xc0000001, 0x4, 0x0, 0x2a9c, 0x6, 0x976, 0x3f90}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000340), 0x41395527)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:21 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$radio(0x0, 0x0, 0x2)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
clock_gettime(0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
close(r0)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video1\x00', 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0xfffffeb0, 0x0, 0x0, 0x0)

22:05:21 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x200, 0x0)
pipe(&(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:22 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
socket$inet(0x10, 0x3, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xd1, &(0x7f0000000000)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="e3"], 0x1}}, 0x0)
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r1, 0x89f2, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_flags})

22:05:22 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:22 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:22 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240)=0x7fe, 0x4)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000cd2ff0)={0x2, 0x4e24}, 0x10)
recvmsg(r1, &(0x7f0000edffc8)={0x0, 0x0, 0x0}, 0x40002102)

22:05:22 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:22 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:22 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

22:05:22 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:23 executing program 2:
semop(0x0, &(0x7f0000000040)=[{0x0, 0xfffffffeffffffff}], 0x15f)
semctl$IPC_RMID(0x0, 0x0, 0xf)

22:05:23 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:23 executing program 5:
semop(0x0, &(0x7f0000000040)=[{0x0, 0xfffffffeffffffff}], 0x15f)
semctl$IPC_RMID(0x0, 0x0, 0xd)

22:05:23 executing program 1:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TCSETS(r1, 0x5437, 0x0)

22:05:23 executing program 2:
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000040))
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7, 0x2c01}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:23 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
migrate_pages(0x0, 0x81, &(0x7f0000000180)=0xffff, &(0x7f0000000240)=0x2)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

22:05:23 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:23 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:23 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:24 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r0, r1)

22:05:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:24 executing program 5:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TCSETS(r1, 0x8924, 0x0)

22:05:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:24 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af308f1249943c8fdbfab778570e8fcd5b3003ccdf3d2", 0x97}, {&(0x7f00000000c0)}, {&(0x7f00000002c0)="89cfff71ddeeef5d5aa0f62c75ea6d3934e3f66db8b65954f1134c7d883673f2bfb447d8c786e0d51c86d4f9ad775f1b2ecf72ee28b04e5f", 0x38}, {&(0x7f0000000100)="1651bd69db4c3312c6c597434027fb4fef206457b79486ebfd8be33a231161afd9adbe5d036b67c8cc78457710cee52520e8cea2526b52e934d756c94f05f71dc5c991fddaae832193a68f19881b28f400814d86fd3194ad46597455dda39e7cd4941b193dee7e4f9750a0398dc5d058fe", 0x71}, {&(0x7f0000001480)}], 0x5}}], 0x1, 0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:24 executing program 2:
socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$rds(0x15, 0x5, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:24 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:25 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:25 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:25 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af308f1249943c8fdbfab778570e8fcd5b3003ccdf3d2a9", 0x98}, {0x0}, {0x0}], 0x3}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:25 executing program 1:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x101400, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:25 executing program 2:

22:05:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:26 executing program 2:

22:05:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:26 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:26 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:26 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

22:05:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:27 executing program 2:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r0, r1)

22:05:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:27 executing program 5:

22:05:27 executing program 2:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r0, r1)

22:05:27 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:27 executing program 1:
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x12b002, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440))
syz_open_dev$sndpcmp(0x0, 0x0, 0x4000)
vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)

22:05:27 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:27 executing program 5:

22:05:27 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:27 executing program 2:

22:05:27 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:27 executing program 5:

22:05:28 executing program 5:

22:05:28 executing program 1:

22:05:28 executing program 2:

22:05:28 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:28 executing program 5:

22:05:28 executing program 2:

22:05:28 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:28 executing program 1:

22:05:28 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:28 executing program 5:

22:05:28 executing program 2:

22:05:28 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:28 executing program 1:

22:05:28 executing program 5:

22:05:29 executing program 2:

22:05:29 executing program 1:

22:05:29 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:29 executing program 1:

22:05:29 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:29 executing program 5:

22:05:29 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:29 executing program 2:

22:05:29 executing program 1:

22:05:29 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:29 executing program 5:

22:05:29 executing program 5:

22:05:29 executing program 2:

22:05:29 executing program 1:

22:05:30 executing program 5:

22:05:30 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:30 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:30 executing program 2:

22:05:30 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:30 executing program 1:

22:05:30 executing program 5:

22:05:30 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:30 executing program 2:

22:05:30 executing program 5:

22:05:30 executing program 2:

22:05:30 executing program 1:

22:05:31 executing program 2:

22:05:31 executing program 5:

22:05:31 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:31 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
dup3(r0, r1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:31 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:31 executing program 1:

22:05:31 executing program 2:

22:05:31 executing program 5:

22:05:31 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:31 executing program 5:

22:05:31 executing program 1:

22:05:31 executing program 2:

22:05:32 executing program 5:

22:05:32 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:32 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)

22:05:32 executing program 2:

22:05:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:32 executing program 1:

22:05:32 executing program 5:

22:05:32 executing program 2:

22:05:32 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:32 executing program 2:

22:05:32 executing program 5:

22:05:32 executing program 1:

22:05:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:33 executing program 2:

22:05:33 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)

22:05:33 executing program 5:

22:05:33 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:33 executing program 1:

22:05:33 executing program 2:

22:05:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:33 executing program 5:

22:05:33 executing program 5:

22:05:33 executing program 2:

22:05:33 executing program 1:

22:05:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:34 executing program 2:

22:05:34 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)

22:05:34 executing program 5:

22:05:34 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:34 executing program 1:

22:05:34 executing program 2:

22:05:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:34 executing program 5:

22:05:34 executing program 5:

22:05:34 executing program 2:

22:05:34 executing program 1:

22:05:34 executing program 2:

22:05:34 executing program 5:

22:05:35 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)

22:05:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:35 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:35 executing program 1:

22:05:35 executing program 5:

22:05:35 executing program 2:

22:05:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:35 executing program 1:

22:05:35 executing program 5:

22:05:35 executing program 2:

22:05:35 executing program 5:

22:05:35 executing program 1:

22:05:36 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)

22:05:36 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:36 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:36 executing program 2:

22:05:36 executing program 1:

22:05:36 executing program 5:

22:05:36 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:36 executing program 5:

22:05:36 executing program 1:

22:05:36 executing program 2:

22:05:36 executing program 5:

22:05:36 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:37 executing program 2:

22:05:37 executing program 1:

22:05:37 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:37 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)

22:05:37 executing program 5:

22:05:37 executing program 2:

22:05:37 executing program 1:

22:05:37 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:37 executing program 1:

22:05:37 executing program 5:

22:05:37 executing program 2:

22:05:37 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:37 executing program 1:

22:05:37 executing program 5:

22:05:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:38 executing program 1:

22:05:38 executing program 2:

22:05:38 executing program 5:

22:05:38 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:38 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

22:05:38 executing program 1:

22:05:38 executing program 2:

22:05:38 executing program 5:

22:05:38 executing program 2:

22:05:38 executing program 5:

22:05:38 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:05:39 executing program 1:

22:05:39 executing program 5:

22:05:39 executing program 2:

22:05:39 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:39 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

22:05:39 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x38)
tkill(r0, 0x19)
ptrace$cont(0x18, r0, 0x0, 0x7)

22:05:39 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
r2 = getpgrp(0x0)
getpgid(r2)
recvfrom$inet(r1, 0x0, 0x2c2d, 0x0, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

22:05:39 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
getpid()
recvfrom$inet(r1, 0x0, 0xd172, 0x2, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

22:05:39 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:39 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000500)='./file2\x00', 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x402c5828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8e3})

22:05:40 executing program 5:
writev(0xffffffffffffffff, 0x0, 0xfffffffffffffc89)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x50000}]})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000140)}, {&(0x7f0000000200)}, {&(0x7f0000001200)}], 0x3}, 0x840)

22:05:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)

22:05:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:40 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @loopback}, 0x1c)
recvmmsg(r0, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000004440)=[{&(0x7f00000029c0)=""/201, 0xc9}, {&(0x7f00000033c0)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="a0ee6df879602bcd29bab7efbe62de39f409d1f2f6e008151726ac20333a106ade8f271c839be5231109a8a05de13e88d56bd00f09b447f64c04a9125db781eec69f1b531c49b76ae655bf407e964b2d313fd32ee4fac274f771bb45bb04ac8f3cae23dbc04ca1bfdc06d3763a7057bc40eda48eb449d96d33610f80784e415894df9c5ef4a23221398476354f1f857d6f559407d6c16d0595a19646862ba57810da430c06f0ce0729ac205dc8b27be6e599b115e2c9e2bc2ce2b335b9c6bd60be876efbd86a1d9e9b03", 0xca}], 0x1}}], 0x1, 0x0)

22:05:40 executing program 1:
r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x8200)
getresuid(&(0x7f0000004180), 0x0, 0x0)

22:05:40 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000480))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

22:05:40 executing program 5:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
socketpair$unix(0x1, 0x40000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)

22:05:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:40 executing program 1:
clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c840f05"], 0x4}}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x30)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:05:40 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000001c00)="11dca5055e0bcfe47bf070")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r2 = dup2(r1, r1)
sendmsg$unix(r2, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001cc0)=[@cred={{0x1c}}], 0x20}, 0x0)

22:05:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0800b5055e0bcfe87b0071")
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xfc, 0x13e)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000008c0)={'ip6gretap0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000a00)={0x11, 0x0, r2}, 0x14)
sendto$inet6(r1, &(0x7f0000000040)="0303000003004c0000001100fff55b4202938207d9fb3780398d5375000000007929301ee616d5c01843e06590080053a6e385472da722827316d7abc25ae7b5003511f5cfe606f6925cbf34658ea132797b1abc5dc62600009b000000faffffff00007caa080d551107826d", 0x6c, 0x0, 0x0, 0x0)

22:05:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:41 executing program 1:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000080)='threaded\x00', 0x571237)
write$FUSE_LSEEK(r0, 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)

22:05:41 executing program 2:
poll(&(0x7f0000000000)=[{}, {}], 0x2, 0x46)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r1, &(0x7f0000000300)=[{&(0x7f0000000980)=""/246, 0xf6}], 0x1)
shutdown(r0, 0x0)
shutdown(r1, 0x0)

22:05:41 executing program 5:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={<r1=>0x0, <r2=>0x0})
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x24b, 0x0}, 0x0)
close(r1)
recvmsg(r2, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000000480)=""/1, 0x1}], 0x1, &(0x7f0000001b00)=""/215, 0xd7}, 0x0)

22:05:41 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)

22:05:41 executing program 0:
clone(0x100000000200, 0x0, 0x0, 0x0, 0x0)
mknod(&(0x7f0000000440)='./file0\x00', 0x103a, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000140)='./file1\x00', 0x0, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x0)

22:05:41 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = epoll_create1(0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000000))
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)

22:05:41 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:41 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r2, 0x208200)
fcntl$setstatus(r1, 0x4, 0x6000)
io_setup(0x2, &(0x7f00000004c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x10000}])
io_submit(r3, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000140)="73844ae89d", 0x5}])

22:05:41 executing program 1:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000340))
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, 0x0, 0x0)
getpid()
rmdir(&(0x7f0000000200)='./file0\x00')
ioperm(0x8, 0xfffffffffffffff7, 0x8)
getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000004540), &(0x7f0000004580)=0xc)
syslog(0x9, &(0x7f0000000240)=""/62, 0x3e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004c80)=[{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000200), 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="24000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xc0, 0x90}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

22:05:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000001800)=[{&(0x7f0000000140)=""/186, 0xba}, {0x0}], 0x2)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xff79, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1}, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e)
shutdown(r4, 0x0)
r6 = socket$inet6_sctp(0x1c, 0x3, 0x84)
readv(r6, &(0x7f0000001680)=[{&(0x7f0000000100)=""/227, 0xe3}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5)
shutdown(r5, 0x0)
shutdown(r3, 0x0)

22:05:41 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:42 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/tcp\x00\xcdWq\xe9*\a4g\a^\x90\xb6\xe4kH2\x80/\x88\xb6\xbb\xeb`\xb8@#\x83tH\xae\xa4y\x1d\\]\x93\x93\xb5e\xd9\xd4\xb8A# \xc8*s\xd0g>\x16\xabM\x7foK\xec\x17f\xb9x\x11\xbf\xab\x16\xc5\xcb\x94\xff\x1c\xa0\x01\xb3I\x1c\xb9\xcc\xbb\xbe\x9c\xd0!\x13\xe1\xbc.\xfaG3\x85\xe0,')
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/244, 0xf4}], 0x1)

[  505.010140][T19462] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
22:05:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom(r0, &(0x7f00000002c0)=""/67, 0x43, 0x0, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00516)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/31}], 0x1000000000000330, 0x0, 0x87}, 0x0)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0x1de, 0x0, 0x0, 0x800e0050e)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x5, 0x84)
readv(r5, &(0x7f0000000440)=[{&(0x7f0000000040)=""/128, 0x80}, {0x0}, {0x0}, {0x0}], 0x4)
shutdown(r4, 0x0)
r6 = dup(r1)
shutdown(r6, 0x0)

22:05:42 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:42 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000102000007)
sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="2400000002031f001cfffd946fa2830020200a800900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@dev, @in6=@loopback}}, {{@in6=@mcast2}, 0x0, @in6=@initdev}}, &(0x7f00000000c0)=0xe8)
sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa28300", 0x10}], 0x1}, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x5791e25d23861ac7, &(0x7f0000000340)=""/4096, &(0x7f00000001c0)=0x1000)

22:05:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)

22:05:42 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r2 = socket$inet(0x2, 0x4000000000000002, 0x1)
syncfs(r2)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000300)=0x73, 0x1008e)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0xfffffffffffffffc, 0x4)
clone(0x20003ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket(0x40000000005, 0x80, 0x5)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x7d)
close(r3)
r4 = syz_open_dev$loop(&(0x7f0000000540)='/dev/loop#\x00', 0x7ff, 0x125086)
getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000640)={@mcast1, <r5=>0x0}, &(0x7f0000000680)=0x14)
fstat(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000001940)={{{@in=@broadcast, @in6=@rand_addr="16a7e354a8364c0cc42ac82b7b76b2b1", 0x4e20, 0xbd1, 0x4e24, 0x0, 0xa, 0x80, 0xa0, 0xab, r5, r6}, {0xbbe, 0x9, 0x804, 0x9, 0x8, 0x0, 0x8, 0xb9b}, {0xffff, 0x0, 0x3, 0x3a7fc0000000000}, 0x8, 0x6e6bbd, 0x0, 0x1, 0x1, 0x2}, {{@in=@broadcast, 0x4d2, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x3504, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x8}}, 0xe8)
r7 = memfd_create(&(0x7f0000000000)='}#*nodev\xee\xb8em2N,\x00', 0x20000000000000)
pwritev(r7, &(0x7f00000000c0)=[{&(0x7f0000000480)="a8", 0x1}], 0x1, 0x81000)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r7)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x360)
fcntl$setstatus(r3, 0x4, 0x0)
pipe(&(0x7f00000004c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
write(r9, &(0x7f00000001c0), 0x526987c9)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000180)=ANY=[], 0x0)
read(r8, &(0x7f0000000840)=""/250, 0x2852b87c)
sendfile(r4, r3, 0x0, 0x80005)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f00000002c0), 0x0)
syz_open_procfs(0x0, &(0x7f0000000340)='pagemap\x00')
ioctl$sock_SIOCGIFBR(r3, 0x8940, &(0x7f0000000800)=@generic={0x1, 0x10001, 0x80000000})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x1, 0x0)

22:05:42 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:42 executing program 5:
socket(0x0, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000001c0)='ns/user\x00')

22:05:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000200)=0x1ff, 0x4)
recvmmsg(r1, &(0x7f0000008880), 0x45b, 0x0, 0x0)

22:05:42 executing program 2:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0xd4b9afd)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x10004000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
read$FUSE(r1, &(0x7f0000002000), 0x1000)

[  505.696929][T19505] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
22:05:42 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
clone(0x1001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)

22:05:42 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

[  505.984307][T19529] binder_alloc: binder_alloc_mmap_handler: 19528 20ffc000-20fff000 already mapped failed -16
22:05:43 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:43 executing program 5:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2000000001, 0x0)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x7d)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x25}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)

[  506.286512][T19539] input: syz1 as /devices/virtual/input/input8
22:05:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)

[  506.347742][T19539] input: syz1 as /devices/virtual/input/input9
22:05:43 executing program 5:
socket$inet(0x2, 0x3ffffffffd, 0x0)
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000300)=@gcm_128={{}, "eb62c94fe0e5d70a", "347eba3828abd0f975f7ece1b0658476", "9d90f528", "dde87d5e6e99da9c"}, 0x28)
clone(0x7ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='stat\x00')
socketpair$unix(0x1, 0x2000000002, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
exit(0x0)
sendfile(r1, r0, 0x0, 0x100000002)

22:05:43 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:43 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0xfffffffffffffdf3)

22:05:43 executing program 1:
clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c840f05"], 0x4}}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x30)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f00000000c0)={@local, 0x4f})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:05:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:44 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, 0x0, &(0x7f0000000180))
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, 0x0)
sendto$unix(r1, &(0x7f0000000100), 0x14ded905162a6b89, 0x0, 0x0, 0xfffffef2)
perf_event_open(&(0x7f000000a200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvfrom(r1, &(0x7f0000001240)=""/4096, 0xffffff7e, 0x0, 0x0, 0x0)

[  506.939275][T19569] ptrace attach of "/root/syz-executor.1"[19568] was attempted by "/root/syz-executor.1"[19569]
22:05:44 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
getpid()
recvfrom$inet(r1, 0x0, 0xd172, 0x0, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

22:05:44 executing program 0:
poll(&(0x7f00000000c0)=[{}, {}, {}], 0x3, 0x42)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00509)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000100)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xfec5, 0x0, 0x0, 0x800e00505)
shutdown(r2, 0x0)
poll(&(0x7f0000000080)=[{r2}], 0x1, 0xcd)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

22:05:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:44 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x0, 0x0, 0x2c6)

22:05:44 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)

22:05:44 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000000)=""/8, 0x8}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000580)=""/4096, 0x1000}, {0x0}], 0x2}, 0x0)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r4, 0x0)
read(r2, &(0x7f0000000200)=""/151, 0x97)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

22:05:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:44 executing program 2:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x22000, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
dup3(r1, r0, 0x0)

22:05:44 executing program 1:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uhid\x00', 0x802, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000100)={0x8, "96806801c7455f8257ce48b8195beac906a1b402598d129827beb94bd60cbf03cf3b8f19dede46e5e7606a26b9ee18b856e959085a5b4c666d679421d8617a7d34b5fa47cc0f85c31b745ce8a76da86607faeea3c32eabbdd0a9dd62874b5302af540ef02e5ffce4c84623e27ac41266cf8d9d4ba351561daf002f1555c4e02edf9c99afd9fb07035e6b03c4e35261603693bc4f80031a58542fadd811d88f6ef9c07fc26c67bc7be975fc91af6bd748b6a57ed258d26e526cda55ac53013de874344eb0ef037928260ce30029b722e71d27958907441fd6aa6dc026e381cfee45102cdae36e2cf3dfe67c6a5c8678ea4d96cea0457c6a365a5dec260267087480637e695f72af597b7ee6e5e93d47d70e745585023bc6399d5844db5de1237ea9f8285da3668793ac34741cb95c591217cae58fb97c7a833f1580d8912ae8b5677b4995c512036e080ba2d74f416b5363134db29942662b491ff51b8b58ccc159cbd474f903ee63f07505a475c5876965c6c0411d5d28bdd2cefd06d3666d90ddb33904e1a32e4179b21b62f601bfe2c4f72b8da273cc3c8000e7a7a800d9d53ee6084a25319abe4410d73c5c9641eb53fdca30845f7b819a402a560cd2aa73e620a354487ddef98cdb5caf099bd33054044c1e0f3bc3bc9a29349ba208400adf72804a9e7d126dad0608f02501834f4f567544cb3cc2f55b7c1d91fead95f4e94192f8a9f1931708846a991fd85d5612139f4c2a7cc6cbc0a74ed09354f71054ab795c0c8910593d9025f7ec73be13af43378304edd85b154d48e515fdf341ad46245fb18d436bdb0d06887ee0d95d619ec6ee5f6f5dafe1595861adb51a01d4cc1415f8f8c4bdf992d80e777621d2620dcd2e010b9c1521a9c0dcb034c956a5f5e09e2063430f1e3df4b6f4eb1fc37a37bc94602d0a9ba80ed3f3c4717ff497be3ef79d2836e8b0dde98f155066e0cf2c89cc79d1ee6a6722725f88b099f14062edf990804444c8be22a51b1f387a01836c46a69f9a8ef9bbf1b273e9c9b2cdeeb3251a163f22289ded17ed0468779e9cc2014eb9d6669c5bdf19c8b5707d0fce19e2ac87b8ac6b570dcdfcd5f64b9a6813eacb174400f25d31bd9a5dc0d18a61c48f50a3a5edd8a4a87888b53c1437ea3481a02b5fbac7feb70878bb610324db1e1bf131e0b84291b7a56b8ee841d77be66adc1cc39ec9c73409f0875459c0df0726610fc8d92dc73e419ff48d28752a511751be3262163e6d35ef9af4cacb8b6a7194899e484a96c67a380a47e1218b849a1b9ae782259e1686e1dda1863fc3cc81a6639c12a74be623342fc5e307e571d83903537f07a5f974e7e112bfaca4a182cf6734dfe06cc6e7250f19ffb800a30b56b83e1713c5c4f60b88af162d3b884dead4e11440151ee8b432cc8eaaf87b5698e652c0220f459617c6d9a75da7e6e732e8781b7774983bb00aa0c47ad9ff9d42270852ec95ae1a9fa649dc6b3dbc5c68a911d0dc4f0c3a596e8d15d6d77fd3ca13603f160c3f4a80c9c01c87b834d3feb3980dc1cfeedc0afc0ab05a9a20e957b4263c346023b5530082d1826a748f5b6f34cb22336153e14dde676d5f2c31a228db88817c98d2969605e1d4ef875ea0611870f23b355aa9adaea40e030e6f5f6de5b495927bdb772c4bf42745ea36275f06c3902c279567ba3a022505b22cf004127d6bffad93d84f319ab01bfb69d1fec14d11dfb470ea09b374cd7ad2a38e6b7d5688a048771cee65bff4989fc36f9ac75c55087bb9e22b4c2a4ee9cfe87bf47089221308e35a3426644de9ef187ecfce039d0b9f5ae77ea7a9d4e7735fb92153df3de9d320ec4afbe12668d28f1e866bd0100f3ac939d8214a60d88463fc02370a8ccd01802422215b0389fd9aea0a3588dc04242c4ee9405eb849b9828dd5193569a1e9b7917a79197f737ccc710f609194422d1f8b494c1d3996553fa79f70262954f0fbb0a21f69c831ef7cd54715b32d2af42188d2ab3dcb08702789001cdf6eaa43ae150ab1d27f2d1e00a0402527464d38e76a5f6e23700db0c653eafdcf8ac435171cbc14fae12c2b133bb9de4045aa414d886577a7c402334c280460d78b7e15a30bdfd47fff37eb672c2db4c7ed4e1b818163cf874a7932bb5e571decfb6b8e5d9683b28bed1a6b764c170718d508373d131f172e4abec2291cd24ed5a9967f863bf93e534d756a43c7ed00334b03d1f82f0549b4e1ca7329475d9e7e96d5054652e9ee4e85e9256f38dd17771fabb6b6b3f0b1cc537ee096803dca5898229a3cf328919e059e31ec6a05f090a901dd9ac1323ef4f37e11bef37a624d27425ccdc6d426b85bf6f2bde8b8704d75368e49693eb7f5404804b98f35872bc06c7475ea48ef33f500dc6edb210ddeaf5d864dab20bb0b6ca01675b5c77c598769038be8ed31f18ee59d0b3687b62002ec181764fa23815a0e5ece3c16425fbddd7cd8e48d474b964b60d3ae40745212c1d8be51b983e2820ea74bd411e24a5a682a92adcc58f6cd35b0591a641aad192200f618d186d7919f475b7a5f957217829b108c44b9c74a45289427dd1f5fb55d076a8fef6e0bcd2018f9af444488d4947aeee795c43e4c818ee3c40fb9f387128ee8719e133c3855d2a163a967398b288f10eada55feb643975e654f406863377c82ba9bd1658579feea0dbde42d7a7d22c9e4bd13655cc60e30455f4b725c620c96a5e71f8790e05aeec020c3fd1a77b6b26c8b99ba7f3ee2efc4c5bd6430e499c35f2aa6a77caf836944f456777f981518c8253a3b7ee86c88851659119bb5888fd5340a6a87e32444aba7aee074f3e7c9b98463ecb2498a331651c96f89b1fe04aa8fcb12540673e9d3cb20e3fc5670eec9028b030fa00f478bf9382897925094f21cf0c9047dfb03441734a5714e391cb22ccb6704bdb38215589fda1d59cf247604ec7ec97d92509887b5abdeca001349636e6d42b9874526630c31d7ef15fc52b71c0fb77f3dec3ae1fcb55f156f256b24290157a4cb1eb86ac13c42c265a22f01089fbd786db331b425eaffe3bdb77cf8ef1fdbf0bcc5d80df130314c7651ce2e71f52fd0f0568de3dee14762a85e809436a570b64f92cbd798e3a8d12d69a31d57ed395fd4632c8f1d5586cb218decf1c9ac46ad9bee6f348500785c32d74b06192eb98fa65f02e7638054f8824f63fcec656179a00dfc1bf42316023c5107717aa435b7031a699d7d8adbfe27e94d9ac2c01330754e0ae1a9cf4083a41b0f850ef7a32616c40e0853c0929b1e3881230d7eaea189328bfb38379189669e16d6ad2676628bef9957b85cb89a31b4b2bd5082ca295140910ddac86cb78852cccc46f07ce9055b5609ad669a0182c3c9aaadea4467d95851558e15d75f0b87f6f1fbbba09e00467d4eddd9bfded3f2e7e9c952e4e50d94915113da47064e4da7ea04bd3ff4e96b0a1c96c5c4ac3a5de6936cbe77beb3b46547d765f3d64a1afc94d06ffa4257b23b3210240b38e11843f81c0d31d0be3ab26df7818d024ddc29bd564f254598a8ac5462007e9a2517955e6c75f4c8bfecbf4d5ac0e2608f283783837c45bb68612ebf180f9bcdb5a9dca12bf9e217a7c8df2602ad6f75c28614f3413f70969ab94361582868569c6c404ac08ce00fae9bda681aef751a2af36c8c8e9461d3e634d939dbac2a795220227ac260700096a24163c6410eb69edc437dd0a4893e13250bb1f0d71edca6525558d056918b3191548f3145f9ea9674e0b974b267406b1d6f85fa0064107cbeb4c259ff785421159f1d28fb328f0249f6d36793d07736a61c46fcf2a4481997b015584777c73910cf164e6db4daa88c1403a3243db4aaee9562fc367b63fbb63e26952813c6610f1dfc6f52e771da11194c97d9869f84efeed758f6644abacad519dd323fe10a70b69d84934df4ecf44507539c45e51e4dd09d2ea2228bbf0fbc6d28f332954e3338c6a3c1e0c93759c7348f6459b77bd457fd7c88789003ae77dd9f88ed0b840aeec962d1859b2de7735978791c876fb1823ee96ee7f86a8eef58f2f00e02e1e34fce5df2af67ca5a919d1ef717731aff40beeda24035a0ec76063ee3d5fe8d1e06b581315bc2f8b6d76350737da750409aa84fc3e017221798ed372253f172f619a7bd8c8acbaf939461e9cf620344bb6c577ae0956443b406465632bc21b8c7b3f60e69aa2d9ae664f706d4317d228f197d7de86f369e7137c2ede78c170cfc432477d39587eaf2a83ae236c7130cde5dfad52e30ba63c1fae39f7cbe9333154102b29ffdb29761b4d9d61d26294d158c4d6249408752d388b1c5ca5af9998494a70222786da5bca48ddc22358947896649ebaef9c1e17b51e341c13517f12d424f7e098ac66c2c6cce2cc5cd85b4305f51c9e06caab2c245dfce6d42dc732effddfecbcf7720a11172d537ac76630fa368ddf8bf6411a7fcbd96000fbe3bfa26426c5c1802bcb4dfb846ae7a70b8d0805fdde987f72f380097ef30822c432ba8b497c5de0a0a8fa3278299f63a254c30f454e805ddebd20d56c159d0f8a6851f3399899734418731d7eadf70d046c479a4ce2d46507fef3e344e975f620e771e4bc376d305ab7e2aab745527f7347c813e24dce412459eb4023a5a8be928abfc86f508be3303599562766ff4f439505c3df457e7174a48770c204ee45f391d2bdbba1624e81467d62bd5037f05e72fe690dd7e857424e4e339b5efe997996586d69bd21fd4d2fac7e9bcc860b907df059a46e2544590414649006ba6d8f66bcde3e516d5589ff7c9997c1452602943cb2d7f21578e86dd0e396608cdfaaa9bd6462abdc1f7bdd8dc8b21f0b78a9293f7a3cae5ed1bb034917f4133bafe7aa79ae2316284b4dea29179110cb7f1ddc56991227ebe4998fae89517909bd71d751b8de7034fd0377c6f2b4ed9cdeaf8e6440cd5d9bf3720b78d70bac0ddfdee4d79fad629f03e0656528ea8cc3fb0a2a81f6e0fa38ef61c446b62cec8469aee4d243fcaafa794a5d9009dd29c5ecfa4950377678b6d01e70a9feb943390acbced476ba79f8582feaf407de051cb07ef539aa9c32a4dc2594c2ac413621a8b012b535d6473057066cc1ec56f7d03f575f75f5c04cc8c8396cdde66667b5b94cf48e2b7394395eca6451a1c672794f4ed82b8302d259e272b27a98e64d60dece4bdeace50f78ffc4a2a6aeb5c9c91148411e4c1f4247fa3720fbb1d4d5707a8b8d4e275ad55ac59481c03bd440fb96f2fdaf864c39d0d3677248260e753e82b20dda3685df1f5dfeaaa6cbdcdc307ffe7c0def886a66861773339062c5d9809e41e28b169eddb7beb0070d41f343096ce6ead57e35e211f7607ee42bf2af882db4b5db734eeae9985c06beefbc5026ce71e427827cf8c9266b230c2f7a2950455c3c89c00ffbfae8819e18aca0503d77036921598edef04723ce48e1540b3da7f0d9f5e20972ff94184f89e1a3b594f078269783a49854a0f1bce591ffa662ba1727d5565c3ff90dc2c2f54d65a7095e42c86d70e215be0341d513b6b4b86ce11195e7347520db38f02537f92e4dbf41bcb4ec84dd56cb3e12d641fdb45332b790ae7809314f9519e39f978e5ad110f88bd6f2858019a3d9b8e660429ebe7afdafcbdde7b98f6ac2e40befe7439b4116eec0b228ab4807cbcf9e4d3c59bbdb19bbd0609b6489d263953bf5bf6e3e82b9cdcc1f39656088cb07d7fb207d933ab3e6851deb9671200c20881ff4e771cd64845dd8035f23747936e56827e97", 0x1000}, 0x1006)

22:05:44 executing program 0:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00\xcdWq\xe9*\a4g\a^\x90\xb6\xe4kH2\x80/\x88\xb6\xbb\xeb`\xb8@#\x83tH\xae\xa4y\x1d\\]\x93\x93\xb5e\xd9\xd4\xb8A# \xc8*s\xd0g>\x16\xabM\x7foK\xec\x17f\xb9x\x11\xbf\xab\x16\xc5\xcb\x94\xff\x1c\xa0\x01\xb3I\x1c\xb9\xcc\xbb\xbe\x9c\xd0!\x13\xe1\xbc.\xfaG3\x85\xe0,')
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000200)=""/172, 0xac}], 0x1)

22:05:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:45 executing program 2:
r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x7, 0x1100082)
r1 = memfd_create(&(0x7f0000000440)='\x00\x81\x00\x00\x00\x00', 0x0)
pwritev(r1, &(0x7f0000000140)=[{&(0x7f0000000180)="16", 0x1}], 0x1, 0x401081806)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x2000005)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
getgid()

22:05:45 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='oom_adj\x00')
write$P9_RGETLOCK(r0, 0x0, 0xe5)

22:05:45 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x25}, 0x45c)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)

22:05:45 executing program 5:

[  508.287725][T19650] input: syz1 as /devices/virtual/input/input10
22:05:45 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

[  508.451174][T19657] input: syz1 as /devices/virtual/input/input11
22:05:45 executing program 2:

22:05:45 executing program 1:

22:05:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)

22:05:45 executing program 5:
mkdir(0x0, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = inotify_init()
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0xffffffffffffffc6)

22:05:45 executing program 1:
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0)
socketpair(0x1, 0x2000000003, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0xfffffffffffffe80, 0xfffffe51, &(0x7f0000000040), 0x0}, 0x28)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f3, &(0x7f0000000000)='ip6gre0\x00')

22:05:45 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu\x00', 0x200002, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x402c5828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x9})
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f00000002c0)={0x0, 0x7})

22:05:45 executing program 2:

22:05:45 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:46 executing program 2:

22:05:46 executing program 1:

22:05:46 executing program 1:

22:05:46 executing program 0:

22:05:46 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
dup3(r1, r2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r3, 0x15)

22:05:46 executing program 5:

22:05:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

22:05:46 executing program 1:

22:05:46 executing program 2:

22:05:46 executing program 0:

22:05:46 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:46 executing program 5:

22:05:46 executing program 2:

22:05:46 executing program 0:

22:05:46 executing program 1:

22:05:46 executing program 5:

22:05:46 executing program 0:

22:05:47 executing program 5:

22:05:47 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

22:05:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:47 executing program 1:

22:05:47 executing program 2:

22:05:47 executing program 0:

22:05:47 executing program 5:

22:05:47 executing program 2:

22:05:47 executing program 5:

22:05:47 executing program 1:

22:05:47 executing program 0:

22:05:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:47 executing program 1:

22:05:48 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x40001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

22:05:48 executing program 5:

22:05:48 executing program 0:

22:05:48 executing program 2:

22:05:48 executing program 1:

22:05:48 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:48 executing program 5:

22:05:48 executing program 0:

22:05:48 executing program 1:

22:05:48 executing program 2:

22:05:48 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, 0x0, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:48 executing program 5:

22:05:49 executing program 1:

22:05:49 executing program 0:

22:05:49 executing program 2:

22:05:49 executing program 5:

22:05:49 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, 0x0, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:49 executing program 4:

22:05:49 executing program 2:

22:05:49 executing program 5:

22:05:49 executing program 0:

22:05:49 executing program 1:

22:05:49 executing program 4:

22:05:49 executing program 0:

22:05:49 executing program 2:

22:05:49 executing program 1:

22:05:49 executing program 4:

22:05:49 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, 0x0, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:49 executing program 5:

22:05:50 executing program 0:

22:05:50 executing program 1:

22:05:50 executing program 2:

22:05:50 executing program 4:

22:05:50 executing program 0:

22:05:50 executing program 5:

22:05:50 executing program 4:

22:05:50 executing program 1:

22:05:50 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0), &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:50 executing program 2:

22:05:50 executing program 5:

22:05:50 executing program 0:

22:05:50 executing program 1:

22:05:50 executing program 4:

22:05:50 executing program 0:

22:05:50 executing program 5:

22:05:50 executing program 2:

22:05:50 executing program 1:

22:05:50 executing program 2:

22:05:51 executing program 0:

22:05:53 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0), &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:53 executing program 4:

22:05:53 executing program 5:

22:05:53 executing program 1:

22:05:53 executing program 2:

22:05:53 executing program 0:

22:05:53 executing program 2:

22:05:53 executing program 0:

22:05:53 executing program 5:

22:05:53 executing program 1:

22:05:53 executing program 4:

22:05:53 executing program 0:

22:05:56 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0), &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:56 executing program 1:

22:05:56 executing program 2:

22:05:56 executing program 4:

22:05:56 executing program 5:

22:05:56 executing program 0:

22:05:56 executing program 1:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$revoke(0x3, r0)

22:05:56 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x13})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7f})
syz_genetlink_get_family_id$tipc2(0x0)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, 0x0, 0x0)
dup(0xffffffffffffffff)

22:05:56 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r0)
keyctl$revoke(0x3, r0)

22:05:56 executing program 0:
socket(0x10, 0x803, 0x0)

22:05:56 executing program 5:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x100000000000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000240)="fc0000004a000704ab092500090007000aab80ff01000000e0ff3693e000010bff010000000500000000000000036915fa2c1ec28656aaa79bb94b46fe000000070002000000000000006c6c256f1a272f900e2e117c22efc205214000000000008934d07302ade01720d7d5bbc91a3e2e80772c74fb2c000005deef11a822c9afea7d434bbba05f2cb6d73fe0d3f1c2add7f671fd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bbab2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d09b0350b0041f0d48f6f0000080548deac", 0xfc)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, 0x0)

22:05:57 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000080)=0x4, 0x22a)

22:05:59 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:05:59 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="5dfbb3b25243ab5d091a38bab19ecb01ccef66e4a78f0d1af358e10ecc50494a2cf8f8e3f108c6252c761ec601ecb6d56548e91afa64eb58929844c9515a6f17b922d97172f7f0d577c49fc81d611816acd8e4a75a184cbd4e766edf81349880dbb6b40bb4863b9362b8412fad85ca0160a05bc6116c584329c6b826fc03c6be9af308f1249943c8fdbfab778570e8fcd5b3003ccdf3d2a9", 0x98}, {&(0x7f00000002c0)}], 0x2}}], 0x1, 0x800)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:05:59 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x20, 0x101002)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f0000000000)=[{{0x0, 0x7530}, 0x1, 0x38, 0x2}], 0x6fe)

22:05:59 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x4000000000000002, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = epoll_create(0x9)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c)

22:05:59 executing program 5:
syz_emit_ethernet(0x1e, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaa000160c2d986c58f500335000000000000b3f3b90884e95988"], 0x0)

22:05:59 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a})
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x1)

[  522.707887][T19945] input: syz1 as /devices/virtual/input/input12
22:05:59 executing program 5:
syz_open_procfs(0x0, &(0x7f00000002c0)='net/raw6\x00HT\xf4\xfa\x92\xcaH\x1ci\xccui\x13W}9\x00ah\xde\x84\xf0\xbdU\x96\xbd11=*w\x81\x8d\x1c\x82\x04\x99n\xdf\xbcD\xe6{\t\x04\xaf\x92W\x00\xe4wt&\xff-\xae\x19\x9b\x97\nS\xe5\xafu_s\xf6\xf7\x14P\a\xe3\xc0\xed\xe28F/S\xcc\xcc\xeae\r\x97Z\xd1Q0\xa8Aj\x15\xaf\xf0\xc96bJ\xeeH%\x0f=\x01\x82\xf00\x9bE!\x9e\xbf\x12w\xcb\xc1\xd0\xf1*\xf9\xe7\xc7\xd3uI\x1c#\xfa\x92\x95\xca\xd6\xa39\xd1\xf0g\xe2!\f\\;qO\x97\xce\xcc\xbcU\xadLR\xf5 \xb0\xe8\x00'/176)
sendmsg(0xffffffffffffffff, 0x0, 0x8000)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
stat(0x0, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000007e00), 0x26e, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x65, &(0x7f0000000200)=0x12, 0x4)

[  523.373926][T19960] input: syz1 as /devices/virtual/input/input13
22:06:00 executing program 0:
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = accept(0xffffffffffffffff, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x0, 0x0)
clone(0x2804100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f000069affb)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f0000000940), 0x0, &(0x7f0000000980)=""/62, 0x3e}}], 0x6de, 0x62, 0x0)

22:06:00 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x22, &(0x7f0000000100)={@empty}, 0x1c5)

22:06:00 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000140)=0x1, 0x6, 0x0, &(0x7f0000000100)={0x400000000}, 0x0, 0x0)

22:06:00 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
syz_genetlink_get_family_id$nbd(&(0x7f0000000100)='nbd\x00')
pipe(&(0x7f0000002880))
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000040)="200000001a000100000000000000a00080000f00000000800000000000002000", 0x20)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)

22:06:00 executing program 1:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, 0x0)
socket$key(0xf, 0x3, 0x2)
perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0)

[  523.977148][T19984] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  524.025172][T19985] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
22:06:02 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:06:02 executing program 0:
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = accept(0xffffffffffffffff, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x0, 0x0)
clone(0x2804100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f000069affb)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f0000000940), 0x0, &(0x7f0000000980)=""/62, 0x3e}}], 0x6de, 0x62, 0x0)

22:06:02 executing program 4:
msgrcv(0x0, &(0x7f0000000280)={0x0, ""/79}, 0xef88b4ff, 0x0, 0xa423ad41a879dde0)

22:06:02 executing program 1:
recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000e00)=[{0x0}], 0x1, 0x0, 0x0, 0x8}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='cmdline\x00')
preadv(r0, &(0x7f0000000480), 0x100000000000039d, 0x0)

22:06:02 executing program 5:
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="00ffffffff"])
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0c0583b, 0x20000001)
perf_event_open$cgroup(&(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x1, 0x3ff, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8899, 0xfffffffffffff192, 0x0, 0x0, 0x100, 0x0, 0x5, 0x0, 0x8001, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, r0, 0x1, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz1\x00', 0x200002, 0x0)
socket$kcm(0x29, 0x7, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0}, 0x18)
r1 = openat$cgroup_ro(r0, &(0x7f00000002c0)='cpuacct.usage_all\x00', 0x0, 0x0)
ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000380))
write$cgroup_int(r0, &(0x7f00000000c0), 0x1802a140)

22:06:02 executing program 2:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x800, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f00000007c0)={<r2=>0x0, @in6={{0xa, 0x4e21, 0xe, @initdev={0xfe, 0x88, [], 0x1, 0x0}}}, 0x105, 0x0, 0x80000000, 0x0, 0xa6}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000280)={<r3=>0xffffffffffffffff}, 0x0, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000a00)={0x8, 0x120, 0xfa00, {0x4, {0x0, 0x3, "a11fd9bb777ed6d2de013aa84c1780812dde64019c3679140f98742d991c188999137e2c0c273c01ce5ee4a98e9a5f9621977495adc63b5e42cfed5f869c9b9c3762653da39cff6f836d3d8c2f820218e7f36d69edfe4f612f003ba171580d5d229a27995ec89a2ae6ea35537a994f882cb14b30ea1e81f4ffce42d406d795b1667439abc3912178aa17fed740c80915b5df43ad2e40db2e0c07023314ebb582148f97bf4b7f329a3f160dfa8dc19707f955096b143bd08da435072e87ba883dfc7fec35c82353166a54e432bd274068adc33e99bed553bae5b0410241e3d969c47980bfb66acc42eae3297dadf62b3f5d48f2bbbae626416b7f89ba77f540b4", 0xb9, 0x4, 0xffc0000000000000, 0x0, 0x100000000, 0x1, 0x3}, r3}}, 0x128)
open_by_handle_at(r1, &(0x7f0000000480)={0xdc, 0x5, "f8084606784078830c8a44c999434aea8ff30e1f19523eb246bef90adf7d04e986a1800486e87b4768eecf079a173a83e4386a470fab8ab7e54e62fc0a8efa782a60cee7c4c241df77104c2aca0b3c322b599d06da15a2ed1a5e32c1326f912b2b650c7c78d89480793992d1dae5d17969b61e304bde340367b6063ab1f9a90438368877c46145d1ce3b1d56a0b70f39dd968aa46a07529effddc960aa41b220c7f28270451c73c8dcf28e51d985920208dda08b4edf4a06bf6b202e75a7378f494b3db7758475fa3e9f5a8c6ef37c784d553962"}, 0x200200)
sched_setaffinity(0x0, 0x3d31, &(0x7f0000000200)=0xa000000000000005)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000000)=r2, 0x4)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000140)=[r0, r1, r0, r0, r0], 0x5)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x159)
r4 = getpid()
r5 = getpgrp(r4)
getpgid(r5)
lsetxattr$security_selinux(&(0x7f0000000880)='./file0\x00', &(0x7f0000000400)='security.selinux\x00', &(0x7f0000000900)='system_u:object_r:auditctl_exec_t:s0\x00', 0x25, 0x1)
getpgrp(0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f00000000c0)={0x0, 0x0})
r6 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{}, {<r7=>0x0}, {}, {}, {}, {}, {}, {}]})
ioctl$EVIOCSABS2F(r6, 0x401845ef, &(0x7f00000001c0)={0xffffffffffffffc1, 0x5, 0x3, 0x8b6, 0x2, 0x1})
ioctl$DRM_IOCTL_UNLOCK(r6, 0x4008642b, &(0x7f0000000100)={r7, 0xa})
clone(0x4007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000440)='./file0\x00', &(0x7f00000006c0)=[&(0x7f0000000580)='wlan1\x00', &(0x7f0000000600)='security.capability\x00'], &(0x7f0000000780)=[&(0x7f0000000700)='proc\x00', &(0x7f0000000740)='!\x00'])

22:06:02 executing program 4:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000640)=""/246)

22:06:03 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ppp\x00', 0x101002, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000640)=""/246)

22:06:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc//net/ipv4/vsS\x84#hntrack\x00\x00\x00\x00x:\xddeY*Bi\"K\x90\xc8}\xf3\xcd\xcf9\x00\xdaO|\xc1s\xfa\x9eR2\xeb\xde\xfa\x05\xaa\xfd\x98\xd7\f\xee\xb3\xd2\x83\x9f+V5\x87M\xc4\b\x00\xd9\x18\x94s\x16Wk\xd1\x9d=a\xc9\x90\xa7{\xee\xe2\x84\x18\xa9)\x7f$\xd5\xb0\xf1@\x9cd\xa05;W\xf3\xf1Ycu\x8e\xbd\x84\x0e\xf3{\xaee\xff0\xa5%d\xbb\x118\xc4\xb8\xb6\x03\xe6{\xbd\xa3.+\xb5\x8e\xa2\x9a\x88m!\xf0\x03\xc3\x81\xa4\xc3E\x04\x15\x8b\xa9\xdd\t\x00\x00\x00(\xf4\xadb}\xa4@<k\"p(\xff\x99x\xb5d\x03\x85\xa2\xab\xd3\x18\x92\x7f0\xc9\xf5I\xbc?\x8a^\xe3\xfd$\xcd(\xfbl\xd9\x92\a\xf6f\x06\xb7\xd9BX\x90\xf5.\x85\xaf\xe38\x1b\xa7n\x9a;I\x7fhe\xa7\n\x8e\xe9$\xca1\xdaR\\%H\x84N]\xec\xfcE\xcbU\xa3\xf9\xa5\t\xffY\xfe\xde\xc0\x9c\xe0bs\xfe\xccu\x11\xe8\x7f\xf3\x8a@m\x822\x9c\xffTy\x17K\xdc\xee\x1a\fM\x15d\x95|\xdb\xf5B\xe1\xc1(\xeb\xe1C\v\xba\xf8\x01)\b\x86o\xc7\x1b/\x16\xdd\xc1\x99\x104\x86:=\xbe\x8b\r\xfb\x02\xff\x91\xfd\x12-\xf3\"#BOb2C\xb3\xed\xeb\xf7F\xf5[>\xdb\xb6(\xa7\"\x128\b\x98n\x0f\x18\x0e\xa7\xb4xJ\xc2\xc4\xe0WK\xf1\x83\xe6\x8b\x86\xd9', 0x2, 0x0)

22:06:03 executing program 1:

22:06:03 executing program 4:

22:06:03 executing program 0:

22:06:05 executing program 2:

22:06:05 executing program 1:

22:06:05 executing program 4:

22:06:05 executing program 0:

22:06:05 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x15)

22:06:05 executing program 5:

22:06:06 executing program 1:

22:06:06 executing program 2:

22:06:06 executing program 0:

22:06:06 executing program 4:

22:06:06 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ff5, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = gettid()
setsockopt$inet_int(r1, 0x0, 0x32, &(0x7f0000000100)=0xfffffffffffffffd, 0x4)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x30)
shutdown(r0, 0x0)

22:06:06 executing program 0:

22:06:06 executing program 2:

22:06:06 executing program 1:

22:06:06 executing program 4:

22:06:09 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r4, 0x15)

22:06:09 executing program 0:

22:06:09 executing program 2:

22:06:09 executing program 4:

22:06:09 executing program 1:

22:06:09 executing program 5:

22:06:09 executing program 5:

22:06:09 executing program 0:

22:06:09 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(0xffffffffffffffff, 0x1000008912, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_genetlink_get_family_id$team(0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000023c0))
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
write$binfmt_script(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="2321202e8eb7690b65300a06b754e6bd145d7d73bf1e32ec47f4e4abeb7c19f0b1c35e2e252ae872d2456dab89c8a417fd1c2245bdacfa798f65359f48fe639bf0fcf2aad12c084f8004534eec3a8638dcfd8acdc3990cd000e5c8b53fd63c463e3de2cb0000000000"], 0x69)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a)

22:06:09 executing program 4:
prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x40000)
clone(0x80003102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000300)=@nat={'nat\x00', 0x19, 0x1, 0x164, [0x200000c0, 0x0, 0x0, 0x200000f0, 0x20000120], 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000002100000088ac111b00000000ffffffff0000000000000000000000000000000000000000080000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001100000000000000000076657468300000000000000000000000626f6e645f736c6176655f31000000006772653000000000000000000000000076657460315f746f5f626f6e640000000180c2000000000000000000aaaaaaaaaabb0000000000000000ac000000ac000000d40000006c696d69740000000000000000000000000000000000000000000000000000001800000000e6ff072fd85e000000000000000000000000000000000072656469726563740000000000000000000000000000000000000000000000000400000000000000"]}, 0x1dc)
modify_ldt$write2(0x11, &(0x7f0000000140)={0x6}, 0x10)
r1 = socket$inet(0x2, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = fcntl$dupfd(r0, 0x406, r1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x20000801}, 0x4000000)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000001bc0), &(0x7f0000001c00)=0xc)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000480))
openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/pfkey\x00', 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000001b40)='security.selinux\x00', 0x0, 0x0, 0x1)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xfc86, &(0x7f0000000400)='cpuset-eth0\x00'}, 0x3a)
symlinkat(&(0x7f0000000080)='./file0\x00', r2, 0x0)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x400020fe)
ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000001c40))

22:06:09 executing program 5:
perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
readv(r0, &(0x7f0000000300)=[{&(0x7f0000001400)=""/4096, 0x1000}], 0x1)

22:06:09 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132568)
clone(0x2102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = gettid()
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, 0x0, 0xfffffffffffffe7a)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
wait4(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x3c)

22:06:12 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r4, 0x15)

22:06:12 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x3, &(0x7f0000000040)=@framed={{0x5, 0x0, 0x0, 0x80ffffff, 0x0, 0x71, 0x10, 0x39}}, &(0x7f0000000080)='GPL\x04\x9c5\x14\xbfw-\xa0z\xe8.vY\n6\xf6I>\xc1\xab\x91\xb3\x97\xe4*\xbf\x1e\xa6\xcd\x8c\xd7t\'\xfc\x9a\x9e+qe\xf5+A\a\xbf\bP\xd8\x99\xdcR\xd0\x13\x17]\xdb\x1b/F <*\x05\xb7\"\xe3>Uo\xb2\xe3\xf3\x9a<\xde\x1f\xcaSd\x037\xec\x95aF\xbd\xbf\xcb\x11Pp\x19V1\xde]!\xa5\xea\x9ec\x8c+\xdbx\xa5\x01\xcaKn\xa3\x13\xd8%h\xf98,,?o\xab\xa6\xb4\xeeTy;N\xd2m\xae>R\"P)\xbb*\xc0\x00\x7fwuL?#\xce\xda\x98\t\xb9\xa9hJ\x94\n\xbc\xaa\x8c\xfc\xc7\x13>\xc4\"\xe9\xc88\x881\x8dA\xe9\xa4\x93\xf0\x19_\xe2Y\x96Q\xb8\x95\x04\xf5\xdb\xa1F%\xce#f\xf3=\x95\xdb\xa9/\x86ry\xca\xbfJ\xce\xdd\xc8Z\x8a\xf7\xa0\xfah\xd7g\xceQ6\xb9\xd0\xd1\x96lI\x9c\xb6\xbf4\xc2\x7f\x00'/248, 0x0, 0x2}, 0x48)

22:06:12 executing program 5:
syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00')
dup2(0xffffffffffffffff, 0xffffffffffffffff)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fuse\x00', 0x2, 0x0)

22:06:12 executing program 2:
poll(&(0x7f00000002c0)=[{}], 0x1, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x893f, 0x0, 0x0, 0x800e00519)
fstat(r0, &(0x7f00000000c0))
recvfrom$inet(r0, 0x0, 0x10201, 0x2, 0x0, 0x800e0051d)
shutdown(r0, 0x0)

22:06:12 executing program 4:
poll(&(0x7f00000002c0)=[{}, {}, {}], 0x3, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x893f, 0x0, 0x0, 0x800e00519)
r1 = dup2(r0, r0)
getsockopt$inet_tcp_int(r1, 0x6, 0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x10201, 0x0, 0x0, 0x800e0051d)
shutdown(r0, 0x0)

22:06:12 executing program 1:
poll(&(0x7f0000000080), 0x1, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515)
r1 = getpid()
wait4(r1, 0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521)
shutdown(r0, 0x0)

22:06:12 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
fcntl$getflags(0xffffffffffffffff, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x800e00480)

22:06:12 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
poll(&(0x7f0000000040)=[{r0}, {}], 0x2, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515)
r2 = getpid()
wait4(r2, 0x0, 0x0, 0x0)
recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521)
shutdown(r1, 0x0)

22:06:12 executing program 1:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pf\x00', 0x0, 0x0)
poll(&(0x7f0000000140), 0x17, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x26ba, 0x0, 0x0, 0x800e00517)
recvfrom$inet(r0, 0x0, 0xfffffe1d, 0x2, 0x0, 0x0)
shutdown(r0, 0x0)

22:06:12 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = fsopen(&(0x7f0000000200)='tmpfs\x00', 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f00000003c0)='dirsync\x00', 0x0, 0x0)

22:06:12 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_UIE_ON(r0, 0x7003)

22:06:12 executing program 0:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000480), 0x1000)
r1 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x13)

22:06:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r4, 0x15)

22:06:15 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_UIE_ON(r0, 0x7003)

22:06:15 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10)
ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, 0x0)
perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000000200000000, 0x800007f, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000))

22:06:15 executing program 1:
mkdir(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
dup2(r0, r1)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)

22:06:15 executing program 5:
sync()
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000500)='/dev/zero\x00', 0x0, 0x0)
ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0)

22:06:15 executing program 0:

22:06:15 executing program 0:

22:06:15 executing program 4:

22:06:15 executing program 2:

22:06:15 executing program 5:
sync()
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000500)='/dev/zero\x00', 0x0, 0x0)
ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0)

22:06:15 executing program 1:
mkdir(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
dup2(r0, r1)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)

22:06:15 executing program 2:

22:06:18 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x15)

22:06:18 executing program 0:

22:06:18 executing program 4:

22:06:18 executing program 5:

22:06:18 executing program 2:

22:06:18 executing program 1:

22:06:18 executing program 1:

22:06:18 executing program 0:

22:06:18 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
accept4(r0, 0x0, &(0x7f0000000080), 0x800)
getegid()

22:06:18 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x50000}]})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r0 = getegid()
chown(0x0, 0x0, r0)

22:06:18 executing program 5:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, 0x0, 0x0)

22:06:18 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, 0x0, 0x0)
bind$netlink(r0, &(0x7f00000001c0), 0xc)

22:06:18 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x15)

22:06:18 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f0000000000)=[{r0}, {r0}, {r0, 0xd0f7b8057660d9c2}], 0x3, 0x1000000004e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xcfb3abb5, 0x0, 0x0, 0x800e00a4f)
poll(&(0x7f0000000140), 0x2000000000000004, 0x1fd)
shutdown(r1, 0x0)

22:06:18 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515)
shutdown(r0, 0x0)
dup(r1)
recvfrom$inet(r1, 0x0, 0xd172, 0x2, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

22:06:18 executing program 1:
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/igmp\x00')
preadv(r0, &(0x7f0000000480), 0x2d1, 0x400000)
bind$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCGICOUNT(0xffffffffffffffff, 0x545d, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)

22:06:18 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x294)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64)
clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000140)={0x77359400}, 0x10)
write$P9_RSTATFS(r1, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)="2265162d6c36d2d553b535288f726cee2343cd3da80438bbe33926e61647fc7fcab63c030ef325ad0f899dcc3d1baefa9b3b5a978b1e8319bcc3c41f139590cb2be0b46092dbd2174e400b05", 0x4c}], 0x1, 0x0)

22:06:18 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x8001000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)

22:06:19 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x50000}]})
openat$full(0xffffffffffffff9c, 0x0, 0x44000, 0x0)

22:06:19 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockname(r0, &(0x7f0000000300)=@generic, &(0x7f0000000100)=0x80)

22:06:19 executing program 5:
setpgid(0x0, 0x0)
rt_sigqueueinfo(0x0, 0x25, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
setitimer(0x2, &(0x7f00000000c0), &(0x7f0000000100))

22:06:19 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='\x00\b-')
fchdir(r0)
r1 = inotify_init()
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
inotify_add_watch(r1, &(0x7f00000000c0)='.\x00', 0x1)
getdents64(r0, &(0x7f0000002100)=""/4096, 0x1000)
getdents64(r0, 0x0, 0xfffffffffffffd72)

22:06:19 executing program 1:
r0 = epoll_create1(0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140))
poll(&(0x7f0000000080)=[{r0}], 0x1, 0x0)

22:06:19 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @loopback}, 0x1c)
recvmmsg(r0, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000004440)=[{&(0x7f00000029c0)=""/201, 0xc9}, {&(0x7f00000033c0)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="a0ee6df879602bcd29bab7efbe62de39f409d1f2f6e008151726ac20333a106ade8f271c839be5231109a8a05de13e88d56bd00f09b447f64c04a9125db781eec69f1b531c", 0x45}], 0x1}}], 0x1, 0x0)

22:06:19 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x15)

22:06:19 executing program 4:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x2af, &(0x7f00000001c0)={&(0x7f0000000300)=@getsa={0x3c, 0x12, 0x21, 0x0, 0x0, {@in6=@dev}, [@srcaddr={0x14, 0xd, @in6=@loopback}]}, 0x3c}}, 0x800)

22:06:19 executing program 0:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
open(0x0, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x2)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x225)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, &(0x7f0000000300), 0x7fff)

22:06:19 executing program 5:
socketpair$unix(0x1, 0x10000000002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'brge0\x00\x00\x00\a\x00', 0x1}, 0x2)
ioctl(r1, 0x8916, &(0x7f0000000000))
ioctl(r1, 0x80000000008936, &(0x7f0000000000))

22:06:19 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet6(0xa, 0x8000008000080003, 0x5)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0xffffffffffffff0e, &(0x7f0000000040)={&(0x7f0000000140)=@bridge_setlink={0x28, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0x8, 0xc, [{0x2}]}]}, 0x28}}, 0x0)

22:06:19 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='mounts\x00')

22:06:19 executing program 0:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
open(0x0, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x2)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x225)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, &(0x7f0000000300), 0x7fff)

22:06:19 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f00000000c0)=""/160, 0xa0)

[  542.858121][T20310] bridge0: port 1(bridge_slave_0) entered learning state
22:06:20 executing program 5:
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
getpid()
rmdir(&(0x7f0000000200)='./file0\x00')
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000f40)={{{@in=@dev, @in=@broadcast}}, {{@in6}, 0x0, @in6=@initdev}}, &(0x7f0000001040)=0xe8)
getpgid(0x0)
prctl$PR_GET_NAME(0x10, 0x0)
syslog(0x9, &(0x7f0000000240)=""/62, 0x3e)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r1 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

22:06:20 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x0)

22:06:20 executing program 4:
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000001840)={{0x80}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \xd6\xf7\xbf\x19\x8f\xb3\x01\xd6\x00'})
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000040)={{0x0, 0x1}, {0x80}})

22:06:20 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000001840)={{0x80}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \xd6\xf7\xbf\x19\x8f\xb3\x01\xd6\x00'})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000040)={{0x0, 0x1}, {0x80}})

22:06:20 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="70070c5ec07ef1", @ANYRES16=0x0, @ANYBLOB], 0x3}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22:06:20 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400202)

22:06:20 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x38)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0xfffffffffffffffc, 0x100, 0xc8})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

[  543.255365][T20333] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
22:06:20 executing program 4:
r0 = add_key$keyring(&(0x7f0000001200)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
socketpair$unix(0x1, 0x4000000001, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
keyctl$assume_authority(0x10, r0)

22:06:20 executing program 1:
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000dc9ff0), 0x10)
socket$packet(0x11, 0x0, 0x300)
pipe(0x0)
clone(0x13102001fef, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlockall(0x0)
clone(0x1080000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x41, 0x0)
mlockall(0x400000007)
socket$inet6(0xa, 0x0, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, 0x0, &(0x7f0000001180))

22:06:20 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:20 executing program 5:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
stat(&(0x7f0000000040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x2172, 0xffffffffffffffff, 0x0)

22:06:20 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo\x00')
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getdents(r0, &(0x7f0000000180)=""/190, 0xbe)

22:06:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r2, 0x0, [0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x0, r2})

22:06:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x0)

22:06:21 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87  \\\xde\xde\x0f<HC\x90\xf4F\v\x1c,\x9c\xb5\x1b\xf7\x02s\xdf\xca\xf1+\xae\xc71\b\xad\x8f\xc2\xcb\r\xfb\xdd\x18t\xce\xeb\x81H\xb8;\xd5\xe02\xac\xb3\xc24\xf705\xf8\x158d\x8a.\xaau\xf6\xa6d\xd6\xf3\xb2(e\xfai\xb5\x9e\xe4\xbd\x8e\x17\xab\x11y\xdc\x19t!f\xba\x9f5y\xe9\x94\x0eTu\x8f\xb3):9\xd2\xf96\xfb\xb3\x82', 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)

22:06:21 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:21 executing program 0:
open(&(0x7f0000000340)='./file0\x00', 0x40, 0x0)
creat(&(0x7f0000000200)='./file1\x00', 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='./file1\x00')

22:06:21 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000340)={0xa, 0x0, 0x0, @rand_addr="945fd69d95f143da1fca4b07358b3414"}, 0x1c)

[  544.412946][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  544.419608][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:21 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:21 executing program 0:

[  544.732785][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  544.739367][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:22 executing program 1:
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000dc9ff0), 0x10)
socket$packet(0x11, 0x0, 0x300)
pipe(0x0)
clone(0x13102001fef, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlockall(0x0)
clone(0x1080000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x41, 0x0)
mlockall(0x400000007)
socket$inet6(0xa, 0x0, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, 0x0, &(0x7f0000001180))

22:06:22 executing program 4:

22:06:22 executing program 0:

22:06:22 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:23 executing program 4:

22:06:23 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x0)

22:06:23 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_submit(r2, 0xa, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}])

22:06:23 executing program 0:

22:06:23 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:23 executing program 1:

22:06:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x3)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)

22:06:23 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0xaeb7, 0x0)
dup2(r2, r3)

22:06:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/kvm\x00', 0x0, 0x0)
unshare(0x8000600)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, 0x0)

22:06:23 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:24 executing program 0:
mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000", 0x43}], 0x1}, 0x0)

22:06:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x80000000000a01, 0x0)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="2d5ef1f46ac9ef240d025393e7672d2835b278f141a2585982096bdd4f8c933f2d7c88322b859b6462fa5bb921c1e193d1ddd2cf2ea67c0019d2fece8752e5c2adffdb099afb396eb4bb8e5ff7ca4d0e8054edc2745aee4defbcb05d1520759add602f55f5a38fb1d0949e6b28cc8b65500a890dc3a8d90700000022e0a4e575ad6dec9eb4775f9c9964f8f122b0a894a2e92f649eb09e1d0000900c587327e87f4c773ce097e710b013"], 0xaa)
ioctl$TCSETAF(r0, 0x5404, &(0x7f0000000000))

22:06:24 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:24 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x3ae, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f000000dfaa)="5500000018007f5300fe01b2a4a280930a00000000000000000000003900090035000c000600000019000500fe800000000000dc1338d54400009b84132000000083de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

22:06:24 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000440))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7, 0x2c01}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

22:06:24 executing program 0:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={<r1=>0x0, <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x8000000000000003, 0x5}, 0x2b)
close(r1)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000a00), 0x11b)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={<r3=>0x0, <r4=>0x0})
close(r3)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x127)
sendmsg$tipc(r4, &(0x7f0000001540)={&(0x7f0000000040), 0x10, 0x0}, 0x0)

22:06:24 executing program 1:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0xfffffffffffffe76, 0x0, 0x0, 0x0, 0xc}}], 0x40000000000004d, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0xfd4, 0x4)
shutdown(r0, 0x0)

22:06:24 executing program 3:
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000540)={0x670, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e23, @multicast1}}}, 0x108)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000f40)={{{@in=@dev, @in=@broadcast}}, {{@in6}, 0x0, @in6=@initdev}}, &(0x7f0000001040)=0xe8)
getpgid(0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))

22:06:24 executing program 3:
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="b00200002e001b0828bd099bc669349adaa909fa54b78100df2500000000", @ANYRES32, @ANYBLOB="0a001f0010000800f2ffffff0c000100636f726f75700000d80002009400010090000e0000000c000100766c616e000000005c0002001c0002000008000001000000000000100300000000000100010000000800060006000000080003003a0c0000080003006c0a001008000300320700001c00020007000000090000000f000000090000003f000000010000002000060078115871fe9585bb2fc52d3451000000400002003c00010008000000ffffffff0700000005000000b0000000070101feb15201008b000000aa01ffff0300fffe010400000600000001000000ff07000008000b00040000000c00010072737670000000008c01020008000200ac1e000108000100f3ff1f00400005003c000100000000800d000000000200003ba30000050000000902fcff0300f7ff008000000400ffff367501fca74000088000000000000000fdffffff240106002001030000001000010074756e6e656c5f6b65790080180002001400050000000000000000000000000000000000f00006008d3d151876b2ee8699120f255e40ff4404d15d60deb27e144bd382f5fb59542c35b0e2114ab24813debcf1a4f1fec10526a2e58803d914b145c0bb20dee4cd3c1766330659feae0e5a39c7ada192073b5f87a827050944790bf8753de96cc6e5f2ffc7f470d9e4e0c3618d3002c194a15f43fa93a9970c4bce94b4a34ccdb2c83213d0868b85cb578f6892a2dc9dc4a46315cc5c8e86735b54c70a30285e3504ef2d479401331d45ae3d34ff7ec20ccfafd9b22af757fb850155f44a4fbe09f323cfd96509536b9398d05112b027cb76b7a12f17aad9c86e8342b0aef94c44388ce66a9cec8afdc5ad4d000000000c000500080005008000000008000300ffffffff08000b000100008000"/664], 0x2b0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004044)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x40000000, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0)

[  547.714507][T20479] IPv6: NLM_F_REPLACE set, but no existing node found!
22:06:24 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:24 executing program 0:
r0 = socket$inet6(0xa, 0x4001000800000002, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000240)={'ip_vti0\x00', &(0x7f0000000280)=@ethtool_perm_addr})

22:06:24 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev={0xac, 0x8, 0xa}}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x4000000000, 0x80000000000, 0xfffffffffffffffe})

[  547.965447][T20501] netlink: 480 bytes leftover after parsing attributes in process `syz-executor.3'.
[  548.007367][T20505] netlink: 480 bytes leftover after parsing attributes in process `syz-executor.3'.
22:06:25 executing program 0:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x1b0, &(0x7f00000000c0)=0x9)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
shutdown(r2, 0x0)

22:06:25 executing program 1:
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)
vmsplice(r0, 0x0, 0x0, 0x0)

22:06:25 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

[  548.475180][T20491] IPv6: NLM_F_REPLACE set, but no existing node found!
22:06:25 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$rds(0x15, 0x5, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:06:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x1c, 0x1})
dup2(r2, r3)

22:06:25 executing program 0:
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000380)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000100)=0xe8)
uname(&(0x7f0000000300)=""/49)
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='memory.events\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, 0x0)
close(0xffffffffffffffff)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000005a40)='/dev/vsock\x00', 0x0, 0x0)
fcntl$getown(r1, 0x9)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000006f80)={&(0x7f0000000480)=@file={0x0, './file0\x00'}, 0xfffffffffffffedd, &(0x7f0000006ec0), 0x0, &(0x7f0000006f40), 0x20, 0x48040}, 0x4000)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0x1c)
add_key(&(0x7f0000000040)='logon\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000740)="23c21a35e498e8d4fdb6f434f616ed90ded66a51b5c2af61dfa192cf05ae549d1ad654b97899cacb8b6a92b50d35f0363d99e918b9652c5fd88ea560768ac3de2a429efc55fc840168a0bc6906fba1ccc73ca488f889c26f4f8de93dac34d66c63f428c4a45e4c0175be4bee72c37f6576f031ca6e441202307779e2f731", 0x7e, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000500)={0x1, &(0x7f0000000080)=[{0x2, 0x0, 0xcdc8a73, 0x7}]})
write$P9_RCLUNK(0xffffffffffffffff, 0x0, 0x20097be3b3582087)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000140)={0x1f, {0x885, 0xfffffffeffffffff, 0x0, 0x6}, 0x9}, 0xa)
socket(0x2, 0xf9889fdeb9750ffa, 0x2)
recvmmsg(r4, 0x0, 0x0, 0x40002002, 0x0)
getgroups(0x0, &(0x7f0000000340))
ioctl$TIOCCONS(r2, 0x541d)
sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESOCT=r0])
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fadvise64(r3, 0x0, 0x7, 0x2)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x7)
fallocate(r5, 0x0, 0x0, 0x8200003)

22:06:25 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:25 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r1, 0x505, 0x0, 0x0, {{}, 0x0, 0x2, 0x0, {0x14}}}, 0x30}}, 0x0)

22:06:25 executing program 5:
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000380)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000100)=0xe8)
uname(&(0x7f0000000300)=""/49)
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='memory.events\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, &(0x7f0000000580)={{}, 'port0\x00', 0x46, 0x40, 0x7, 0x40, 0x0, 0x80000001, 0xfffffffffffff5ad, 0x0, 0x7, 0x20})
close(0xffffffffffffffff)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000005a40)='/dev/vsock\x00', 0x0, 0x0)
fcntl$getown(r1, 0x9)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000006f80)={&(0x7f0000000480)=@file={0x0, './file0\x00'}, 0xfffffffffffffedd, &(0x7f0000006ec0), 0x0, &(0x7f0000006f40), 0x20, 0x48040}, 0x4000)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0x1c)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000500)={0x1, &(0x7f0000000080)=[{0x2, 0x0, 0xcdc8a73, 0x7}]})
write$P9_RCLUNK(0xffffffffffffffff, 0x0, 0x20097be3b3582087)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000140)={0x1f, {0x885, 0xfffffffeffffffff, 0x0, 0x6}, 0x9}, 0xa)
socket(0x2, 0xf9889fdeb9750ffa, 0x2)
recvmmsg(r4, 0x0, 0x0, 0x40002002, 0x0)
getgroups(0x0, &(0x7f0000000340))
ioctl$TIOCCONS(r2, 0x541d)
sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESOCT=r0])
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fadvise64(r3, 0x0, 0x7, 0x2)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x7)
fallocate(r5, 0x0, 0x0, 0x8200003)

22:06:26 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:26 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f00000013c0)="19", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000029c0)=[{&(0x7f0000001680)="d1", 0x1}], 0x1, &(0x7f0000003dc0)=ANY=[@ANYBLOB="680000000000000009010000018000000c423be65d0615d9db4d0068fb330bde3febaf4fe2"], 0x25}}], 0x2, 0x0)

22:06:26 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:26 executing program 1:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0xfffffffffffffe76, 0x0, 0x0, 0x0, 0xc}}], 0x40000000000004d, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0xfd4, 0x4)
shutdown(r0, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)

22:06:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x1c, 0x1})
dup2(r2, r3)

22:06:26 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:26 executing program 1:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2)
write$P9_RLERROR(r0, &(0x7f0000002b00)=ANY=[@ANYBLOB="14"], 0x1)

22:06:26 executing program 4:

22:06:27 executing program 0:
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000380)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000100)=0xe8)
uname(&(0x7f0000000300)=""/49)
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='memory.events\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, 0x0)
close(0xffffffffffffffff)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000005a40)='/dev/vsock\x00', 0x0, 0x0)
fcntl$getown(r1, 0x9)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000006f80)={&(0x7f0000000480)=@file={0x0, './file0\x00'}, 0xfffffffffffffedd, &(0x7f0000006ec0), 0x0, &(0x7f0000006f40), 0x20, 0x48040}, 0x4000)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0x1c)
add_key(&(0x7f0000000040)='logon\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000740)="23c21a35e498e8d4fdb6f434f616ed90ded66a51b5c2af61dfa192cf05ae549d1ad654b97899cacb8b6a92b50d35f0363d99e918b9652c5fd88ea560768ac3de2a429efc55fc840168a0bc6906fba1ccc73ca488f889c26f4f8de93dac34d66c63f428c4a45e4c0175be4bee72c37f6576f031ca6e441202307779e2f731", 0x7e, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000500)={0x1, &(0x7f0000000080)=[{0x2, 0x0, 0xcdc8a73, 0x7}]})
write$P9_RCLUNK(0xffffffffffffffff, 0x0, 0x20097be3b3582087)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000140)={0x1f, {0x885, 0xfffffffeffffffff, 0x0, 0x6}, 0x9}, 0xa)
socket(0x2, 0xf9889fdeb9750ffa, 0x2)
recvmmsg(r4, 0x0, 0x0, 0x40002002, 0x0)
getgroups(0x0, &(0x7f0000000340))
ioctl$TIOCCONS(r2, 0x541d)
sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESOCT=r0])
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fadvise64(r3, 0x0, 0x7, 0x2)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x7)
fallocate(r5, 0x0, 0x0, 0x8200003)

22:06:27 executing program 2:
socket$packet(0x11, 0xa, 0x300)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000001640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x1c, 0x1})
dup2(r2, r3)

22:06:27 executing program 5:

22:06:27 executing program 4:

22:06:27 executing program 1:

22:06:27 executing program 2:
socket$packet(0x11, 0xa, 0x300)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:27 executing program 1:

22:06:27 executing program 4:

22:06:27 executing program 5:

22:06:27 executing program 2:
socket$packet(0x11, 0xa, 0x300)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:27 executing program 3:

22:06:28 executing program 0:

22:06:28 executing program 1:

22:06:28 executing program 4:

22:06:28 executing program 5:

22:06:28 executing program 3:

22:06:28 executing program 2:
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:28 executing program 4:

22:06:28 executing program 1:

22:06:28 executing program 3:

22:06:28 executing program 5:

22:06:28 executing program 2:
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:28 executing program 0:

22:06:28 executing program 4:

22:06:28 executing program 3:

22:06:28 executing program 5:

22:06:28 executing program 1:

22:06:28 executing program 2:
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:28 executing program 0:

22:06:28 executing program 4:

22:06:28 executing program 0:

22:06:28 executing program 3:

22:06:28 executing program 5:

22:06:28 executing program 4:

22:06:28 executing program 1:

22:06:29 executing program 2:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:29 executing program 0:

22:06:29 executing program 3:

22:06:29 executing program 5:

22:06:29 executing program 4:

22:06:29 executing program 1:

22:06:29 executing program 2:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:29 executing program 0:

22:06:29 executing program 3:

22:06:29 executing program 1:

22:06:29 executing program 5:

22:06:29 executing program 4:

22:06:29 executing program 3:

22:06:29 executing program 5:

22:06:29 executing program 2:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:29 executing program 1:

22:06:29 executing program 0:

22:06:29 executing program 3:

22:06:29 executing program 5:

22:06:29 executing program 4:

22:06:30 executing program 0:

22:06:30 executing program 1:

22:06:30 executing program 5:

22:06:30 executing program 2:
socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:30 executing program 3:

22:06:30 executing program 4:

22:06:30 executing program 0:

22:06:30 executing program 5:

22:06:30 executing program 1:

22:06:30 executing program 3:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000880)='oom_score\x00')
preadv(r0, &(0x7f00000017c0), 0x199, 0x0)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
clone(0x2200802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$VT_DISALLOCATE(r0, 0x5608)
nanosleep(&(0x7f0000000380)={0x0, 0x1c9c380}, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000400)="cda28a8ce5b9f802", 0x8}], 0x1)

22:06:30 executing program 2:
socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:30 executing program 4:
r0 = syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000600)=0x2)
read(r0, &(0x7f0000000200)=""/181, 0xb5)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000080)={0x0, 0x1f, 0x0, 0x0, 0x4})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

22:06:30 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd1000000000000073013500000000009500000000000000"], &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$VT_OPENQRY(0xffffffffffffffff, 0x5600, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000200)="a3e4c23237eec58825106c64be56", 0x0}, 0x28)

22:06:30 executing program 5:

22:06:30 executing program 1:

22:06:30 executing program 4:

22:06:30 executing program 3:
r0 = memfd_create(&(0x7f0000000100)='\x00', 0x0)
write(r0, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000140)=ANY=[@ANYRES64=r0], 0x8)
r1 = socket$bt_bnep(0x1f, 0x3, 0x4)
r2 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x0, 0x200)
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="03000000d8f767aa92bc2155f40577804611976c1321cb1685337628402d47462ffe6c4df52c6e93fd9b8e18fa7d968b3b0aa4e9076095d243444b27388ce71c30724eb1c2dac0fc9ea6a7f9115d7587f8af9c7f8059ffc66b617cd37463fd70e84d8e4c6e0f60787ec3608638a0393c4ff6825b69"])
sendfile(r0, r0, &(0x7f0000000280), 0x4)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x10, r0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x5, &(0x7f0000000380))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x40000, 0x0)
ioctl$VT_SETMODE(r5, 0x5602, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x9})
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000140)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3235004000000f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4d}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000800))
openat$vfio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

22:06:30 executing program 2:
socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r0 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:30 executing program 5:
r0 = syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000200)=""/181, 0xb5)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

22:06:30 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
close(r1)
recvmmsg(r0, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0x80, &(0x7f0000006100), 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0)
r2 = dup2(r1, r1)
ioctl$UI_SET_MSCBIT(r2, 0x40045568, 0x3d)

22:06:30 executing program 1:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)

22:06:31 executing program 4:
r0 = socket$inet6(0xa, 0x80000000000001, 0x8010002000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={[], [], @empty}}, 0x1c)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000000300)=0x90)

[  554.000414][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
22:06:31 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:31 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
pipe2(0x0, 0x80800)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, 0x0, 0x0)
mknod(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
close(r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/net/tun\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000280)={'\x00\x00\x00\xe6\xff\xff\xff\x00\x00\x00\x00\x00\x02\x00', 0x5002})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000380)='SEG6\x00')
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x2007fff)
write$P9_RXATTRCREATE(r4, &(0x7f0000000140)={0x383}, 0x7)
write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7)
sendfile(r1, r4, &(0x7f0000d83ff8), 0x800000000024)
syz_genetlink_get_family_id$team(0x0)
rmdir(&(0x7f0000000000)='./bus\x00')
creat(&(0x7f0000000200)='./bus\x00', 0x0)
sendmsg$nl_netfilter(r0, 0x0, 0x0)

[  554.249329][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
22:06:31 executing program 1:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet_opts(r0, 0x0, 0x9, 0x0, &(0x7f00000003c0))

22:06:31 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

[  554.379619][T20770] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  554.388115][T20770] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:31 executing program 0:
openat$ptmx(0xffffffffffffff9c, 0x0, 0x208c0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ppp\x00', 0x101002, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000640)=""/246)
r1 = memfd_create(&(0x7f0000000280)='^\x00', 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000500)='/dev/zero\x00', 0x0, 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000000600)=""/13)
sendfile(r0, r1, 0x0, 0x102002700)

22:06:31 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$inet6(r0, &(0x7f0000000180)="0503000006003e0000000200c52cf7c25975e605b02f0800eb2b2ff0dac8897c6b118777faffffff306609000000c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3fe257c3314a3978b352b", 0xfe79, 0x1000000000, 0x0, 0x0)

[  554.583955][T20770] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
22:06:31 executing program 1:
r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40000000000011, r0, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)

22:06:31 executing program 3:
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@link_local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, '\vjd', 0x14, 0x0, 0x0, @ipv4={[], [], @empty}, @local, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

22:06:31 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:32 executing program 3:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002000), 0x215)
read$FUSE(r0, &(0x7f0000000480), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
lstat(&(0x7f0000000280)='./file0/file0\x00', 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x13)

22:06:32 executing program 1:

22:06:32 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x3, &(0x7f0000000080))

22:06:32 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  557.660193][    C1] clocksource: timekeeping watchdog on CPU1: Marking clocksource 'tsc' as unstable because the skew is too large:
[  557.672344][    C1] clocksource:                       'acpi_pm' wd_now: 8cd793 wd_last: e0f02e mask: ffffff
[  557.682515][    C1] clocksource:                       'tsc' cs_now: 12fc948263e cs_last: 12e19d0f2e9 mask: ffffffffffffffff
[  557.694036][    C1] tsc: Marking TSC unstable due to clocksource watchdog
[  557.714454][   T17] TSC found unstable after boot, most likely due to broken BIOS. Use 'tsc=unstable'.
[  557.724025][   T17] sched_clock: Marking unstable (557782621197, -68191274)<-(557832028152, -117597979)
22:06:34 executing program 5:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
read(r0, &(0x7f0000000400)=""/181, 0xffffff7d)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

22:06:34 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="26640f48d16626660f388103660fc73366b8c70000000f23d80f21f86635000000900f23f8262e0f08f00fab9569fff4650fc734ba200066ed67dc5ca002", 0x3e}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

22:06:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x10, 0x3, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xd1, &(0x7f0000000000)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="e3"], 0x1}}, 0x0)
ioctl$sock_ifreq(r1, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_flags})
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r2, 0x89f2, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_flags})

[  557.843535][T20823] clocksource: Switched to clocksource acpi_pm
22:06:35 executing program 0:

22:06:35 executing program 4:

22:06:35 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:35 executing program 5:

22:06:35 executing program 4:

22:06:35 executing program 0:

22:06:35 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:35 executing program 3:

22:06:35 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

22:06:35 executing program 4:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="0207000902000000a8a9897bbb73ec3c"], 0x10}}, 0x0)
sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x2, 0xc, 0x0, 0x0, 0x2}, 0x10}}, 0x0)

22:06:36 executing program 1:
unshare(0x8000400)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0)
ioctl$UI_END_FF_UPLOAD(r0, 0x406855c9, &(0x7f0000000080)={0x0, 0x0, {0x0, 0x0, 0x0, {}, {}, @ramp}, {0x0, 0x0, 0x0, {}, {}, @ramp}})

22:06:36 executing program 0:
r0 = gettid()
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/mnt\x00')

22:06:36 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
timer_settime(0x0, 0x0, 0x0, 0x0)

22:06:36 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:36 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

22:06:36 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224)
clone(0x100000000001fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = gettid()
setsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f00000000c0)=ANY=[@ANYPTR, @ANYRES16], 0x2)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x10000000040)
fcntl$setstatus(r1, 0x4, 0x42803)

22:06:36 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00')
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000100)={0x67, @dev={0xac, 0x14, 0x14, 0xc}, 0x4e23, 0x2, 'lblcr\x00', 0x10, 0x0, 0x4f}, 0x2c)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$RNDZAPENTCNT(0xffffffffffffffff, 0x5204, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@initdev, 0x0, 0x0, 0x0, 0x4}, 0x20)
gettid()
syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
exit(0x0)

22:06:36 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

22:06:36 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

[  559.330875][T20909] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
22:06:36 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

22:06:36 executing program 1:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = mq_open(&(0x7f0000000000)='md5sumeth1wlan0{cgroupmime_type@\x00', 0x0, 0x0, 0x0)
mq_notify(r0, &(0x7f00000005c0)={0x0, 0x0, 0x1, @thr={0x0, 0x0}})

22:06:36 executing program 4:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = mq_open(&(0x7f0000000000)='md5sumeth1wlan0{cgroupmime_type@\x00', 0x0, 0x0, 0x0)
mq_notify(r0, 0x0)

22:06:36 executing program 3:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000003dc0))
write$cgroup_type(r0, &(0x7f0000000100)='threaded\x00', 0xff34)
fallocate(r0, 0x3, 0x0, 0x10000408001)
fallocate(r0, 0x3, 0xc000, 0x80000003)

22:06:37 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:37 executing program 5:
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

[  560.115311][T20919] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
22:06:37 executing program 1:
get_robust_list(0x0, &(0x7f0000006440)=0x0, &(0x7f0000006480))

22:06:37 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000380)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000280)={0x1, 0x0, 0x79, &(0x7f0000000000)="6d0ca1696afd303cdda32e530bec3a0c13db5e667816781a879f8a9dbfd627b5f90860333d19faaa3faaf2c28bd49d8c952f7e3c47600d3042329aafde7bcc7301c48851caf74e0789d030baebc41aa54f50db3ffc5aff915213f10300ec07cbda9df379665ccecc4e1a953b3c28a29036966c166c505604d7"})

22:06:37 executing program 3:

22:06:37 executing program 5:
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

22:06:37 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:37 executing program 4:

22:06:37 executing program 1:

22:06:37 executing program 3:

22:06:37 executing program 4:

22:06:37 executing program 5:
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0xa2000000)

22:06:37 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:37 executing program 0:

22:06:38 executing program 1:

22:06:38 executing program 3:

22:06:38 executing program 4:

22:06:38 executing program 0:

22:06:38 executing program 1:

22:06:38 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa2000000)

22:06:38 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:38 executing program 3:

22:06:38 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/46, 0x2e}, {0x0}, {0x0}, {0x0}], 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000100)=""/149, 0x95}], 0x1}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e00545)
shutdown(r2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_timeval(r4, 0xffff, 0x1006, &(0x7f0000000040)={0x2}, 0x10)
recvmsg(r4, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}, 0x0)
shutdown(r3, 0x0)
shutdown(r1, 0x0)

22:06:38 executing program 1:
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040))
poll(&(0x7f0000000140), 0x17, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x24f, 0x0, 0x0, 0x800e00806)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000080), 0x8)
shutdown(r0, 0x0)

22:06:38 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa2000000)

22:06:38 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x10201, 0x0, 0x0, 0x800e0051d)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/34, 0x22}], 0x1}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e00545)
shutdown(r3, 0x0)
poll(0x0, 0x0, 0x4a)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xfffffee9, 0x0, 0x0, 0x800e00a6d)
ppoll(&(0x7f0000000080)=[{r5}], 0x1, 0x0, &(0x7f0000000040), 0xffffffffffffff14)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

22:06:38 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:38 executing program 3:
poll(&(0x7f0000000140)=[{}, {}, {}, {}], 0x4, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
mprotect(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x5)
r1 = socket$inet6_sctp(0x1c, 0x5, 0x84)
recvmsg(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
shutdown(r0, 0x0)

22:06:38 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa2000000)

[  561.772994][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  561.779698][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:38 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:39 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0x0)

22:06:39 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0x0)

22:06:39 executing program 3:
poll(&(0x7f0000000140)=[{}, {}, {}, {}], 0x4, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
mprotect(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x5)
r1 = socket$inet6_sctp(0x1c, 0x5, 0x84)
recvmsg(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
shutdown(r0, 0x0)

22:06:39 executing program 5:
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000140), 0x0)

22:06:39 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
poll(&(0x7f0000000080), 0x1, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515)
getsockopt$inet_buf(r1, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521)
shutdown(r1, 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:39 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)

22:06:39 executing program 5:

22:06:39 executing program 0:
syz_open_procfs(0x0, &(0x7f0000000880)='mounts\x00')
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0)
open(0x0, 0x0, 0x0)
write$apparmor_current(r0, &(0x7f0000000140)=@hat={'permhat ', 0x1, 0x5e, ['mounts\x00', 'mounts\x00']}, 0x29)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil)
mmap(&(0x7f00008da000/0x1000)=nil, 0x1000, 0x0, 0xb4972, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x0)
io_setup(0x4, &(0x7f00000004c0)=<r3=>0x0)
signalfd4(r1, 0x0, 0x0, 0x0)
io_submit(r3, 0x732, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r2, &(0x7f0000000000), 0x377140be6b5ef4c7}])

22:06:39 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:39 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000440)={0x18, 0x0, {0x1, @local, 'team0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f000000d180), 0x33b, 0xf401)

22:06:39 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000880)='mounts\x00')
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000180)=""/61)
prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0)
open(0x0, 0x0, 0x0)
write$apparmor_current(r1, &(0x7f0000000140)=@hat={'permhat ', 0x1, 0x5e, ['mounts\x00', 'mounts\x00']}, 0x29)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil)
mmap(&(0x7f00008da000/0x1000)=nil, 0x1000, 0x0, 0xb4972, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x44000)
io_setup(0x4, &(0x7f00000004c0)=<r3=>0x0)
io_submit(r3, 0x732, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r2, &(0x7f0000000000), 0x377140be6b5ef4c7}])

22:06:39 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:40 executing program 1:
openat$ptmx(0xffffffffffffff9c, 0x0, 0x208c0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sync()
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ppp\x00', 0x101002, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000640)=""/246)
r1 = memfd_create(&(0x7f0000000280)='^\x00', 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000300)='/dev/full\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000500)='/dev/zero\x00', 0x8101, 0x0)
ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000000600)=""/13)
sendfile(r0, r1, 0x0, 0x102002700)

22:06:40 executing program 5:
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(0x0)
ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, 0x0)
sync()
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000640)=""/246)
openat$full(0xffffffffffffff9c, &(0x7f0000000300)='/dev/full\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

22:06:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x200000)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x6)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x0)

22:06:40 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:40 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

22:06:40 executing program 0:
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000200)={0x2a, 0x4, 0x0, {0x2, 0xe0, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(r1, &(0x7f0000000380)=""/39, 0x23, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000240)={{0xffffffffffffffff, 0x3, 0x0, 0x1, 0x3}})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = dup2(r3, r1)
epoll_pwait(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1008}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r5, 0x20, 0x70bd26, 0x0, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x101, 0x0, 0x5}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0xb23cce0833601e69}, 0x1)

22:06:40 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

[  563.681654][T21233] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  563.689457][T21233] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:40 executing program 1:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pread64(r1, &(0x7f0000000380)=""/39, 0x23, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000240)={{0xffffffffffffffff, 0x3, 0x0, 0x1, 0x3}})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = dup2(r3, r1)
epoll_pwait(r4, 0x0, 0x0, 0x9, &(0x7f0000000300), 0x8)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1008}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r5, 0x0, 0x70bd26, 0x25dfdbfc, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0xffffffffffffff21, 0x101, 0x0, 0x5}}}, ["", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0xb23cce0833601e69}, 0x1)

22:06:40 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r1, r0)

[  563.765556][T21233] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
22:06:40 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[]}, 0x0)
preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000)

[  563.913222][T21242] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  563.920868][T21242] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:41 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:41 executing program 4:

[  564.153526][T21242] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  564.230930][T21249] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  564.238733][T21249] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:41 executing program 4:

[  564.296400][T21249] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
22:06:41 executing program 3:

22:06:41 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:41 executing program 3:

[  564.517509][T21249] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:41 executing program 4:

[  564.612724][T21249] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  564.705911][T21254] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  564.774946][T21254] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
22:06:42 executing program 0:

22:06:42 executing program 5:

22:06:42 executing program 3:

22:06:42 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:42 executing program 1:

22:06:42 executing program 4:

22:06:42 executing program 5:

22:06:42 executing program 3:

22:06:42 executing program 1:

22:06:42 executing program 0:

22:06:42 executing program 4:

22:06:42 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:42 executing program 5:

22:06:42 executing program 3:

[  565.532964][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  565.539523][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:42 executing program 0:

22:06:42 executing program 1:

22:06:42 executing program 4:

22:06:42 executing program 5:

22:06:42 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:42 executing program 3:

22:06:43 executing program 0:

22:06:43 executing program 1:

22:06:43 executing program 5:

22:06:43 executing program 4:

22:06:43 executing program 3:

22:06:43 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:43 executing program 0:

22:06:43 executing program 1:

22:06:43 executing program 5:

22:06:43 executing program 3:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000000))

22:06:43 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001400)="b7f2288a911993f0265df5cf1cdd8b55", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000080)={0x0, 0xffffffffffffff0a, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/52, 0xc6}], 0x1, 0x0, 0xffffffffffffffbf}, 0x0)

22:06:43 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000002640)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001400)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="9e6ee0f90184aec8fa45f5616dd80a25dce92b04baec3fd0092a1df0357a31150b6689b0f27bbc77ff5ddf1fe3a53752e7065b7d07892eacf8a02d05b0c9312bc81f94134279f519fda34250b936ce21", 0x26a}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000080)={0x0, 0xffffffffffffff0a, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/52, 0xc6}], 0x2, 0x0, 0xffffffffffffffbf}, 0x0)

22:06:43 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x4c, 0x0, &(0x7f0000000040))

22:06:43 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:43 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs\x00')
preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000240)=""/216, 0xd8}], 0x1, 0x0)

22:06:43 executing program 3:
mkdir(0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
statfs(&(0x7f0000000200)='./file0\x00', 0x0)
bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24)
listen(r0, 0x9)

22:06:44 executing program 4:

22:06:44 executing program 1:

22:06:44 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:44 executing program 5:

22:06:44 executing program 0:

22:06:44 executing program 3:
mkdir(0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
statfs(&(0x7f0000000200)='./file0\x00', 0x0)
bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24)
listen(r0, 0x9)

22:06:44 executing program 4:

22:06:44 executing program 1:

[  567.292876][    C0] protocol 88fb is buggy, dev hsr_slave_0
22:06:44 executing program 5:

22:06:44 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:44 executing program 4:

22:06:44 executing program 0:

22:06:44 executing program 3:

[  567.612832][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  567.619319][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:44 executing program 5:

22:06:44 executing program 1:

22:06:44 executing program 4:

22:06:44 executing program 1:

22:06:45 executing program 3:

22:06:45 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:45 executing program 4:

22:06:45 executing program 0:

22:06:45 executing program 5:

22:06:45 executing program 1:

22:06:45 executing program 3:

22:06:45 executing program 4:

22:06:45 executing program 5:

22:06:45 executing program 0:

22:06:45 executing program 1:

22:06:45 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:45 executing program 4:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[]}, 0x0)
preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000)

22:06:45 executing program 3:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='cgroup\x00', 0x0, 0x0)
chdir(&(0x7f0000000200)='./file0\x00')
chdir(&(0x7f00000003c0)='./file0\x00')
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r0 = openat$cgroup_int(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0)
sendfile(r0, r0, 0x0, 0x401)

22:06:45 executing program 5:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002000), 0x215)
read$FUSE(r0, &(0x7f0000000480), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r0, 0x0, 0x0)
lstat(&(0x7f0000000280)='./file0/file0\x00', 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x13)

22:06:45 executing program 0:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x12)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
dup(r0)
write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x21, 0x7, 0x0, {0x18, 'mime_type:vmnet0md5sum[@'}}, 0x21)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000180)={0x1, 0x4, [@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="890371400729", @broadcast]})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100000001]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00')

22:06:45 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r1 = memfd_create(&(0x7f0000000280)='\xe6\x04e\xc1hs\xe6\xac-g\x92\xf1s0\xa5\x8c6V\xf3Y\x8f\bMrR\xd1\x7f\x7f\xfb\x94\x9b\xe3\xa3\xd5cD\x83[\x94\xa7e\xd7\xc8\x1bHW.\xf3\x04!E\x10\xb0$\x1a\x8b\xe9\x14b&\xf0S>\"\x1d\x8c\xda\x97F\xa56eKG?\"\x9c\xa1\x03U\xd7\x1d%\xdd\x89\x93d\x1fj#}#\x1f\xc6\xa5\v\x84\xbd\x00@l\xf0\xcavh\xf4 \xd9(\xdbq\x85 \x10\x17\xc4_X&)\xeb\xb0\xc5W\n<\xe8B\xadH@\xc3\x97\x80\xddw`4\xb4\x84\xb3s\x90\x12`\xc5\x05\x12.i3i?;s\x83\x80*R\xfb\xb7G\xe6\x17q\x85\xb8\x1a\xba\xcd\x9d\x12@[,\x85\xa0(O\x98\xa4\xd2\xe6\xb1\xe9\xf1-\xfc\xb5e\xe33\x91\xb1\xa8c\xce\xa7\\', 0x0)
write(r1, &(0x7f0000000200)="6963e6424304006da3a74e3deec6fc5bb9650b5de56946c568f95d22c77190ba406d59a5958def156c9c8a2ac4677afffffffc800000000000200000f8bf54da32", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
readlinkat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000440)=""/57, 0x2f1)

22:06:45 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:45 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x12)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
dup(0xffffffffffffffff)
write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x21, 0x7, 0x0, {0x18, 'mime_type:vmnet0md5sum[@'}}, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000180)={0x1, 0x4, [@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="890371400729", @broadcast]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100000001]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00')

22:06:46 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f000000a8c0)='mountinfo\x00')
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
ppoll(&(0x7f0000000000)=[{r0}, {r0, 0x2201}], 0x2, 0x0, 0x0, 0x0)

22:06:46 executing program 1:
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
write$FUSE_LSEEK(r0, &(0x7f0000000000)={0x18, 0x0, 0x5}, 0x18)

22:06:46 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:46 executing program 4:
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})

[  569.373091][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  569.379753][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:46 executing program 0:
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})

22:06:46 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:46 executing program 1:
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
r1 = eventfd(0x0)
setxattr$security_selinux(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='security.selinux\x00', 0x0, 0x0, 0x0)
dup2(r1, r0)

[  569.692510][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  569.698865][    C0] protocol 88fb is buggy, dev hsr_slave_1
22:06:46 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000002, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t'], 0x19)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x12})

22:06:46 executing program 4:
r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
socketpair$unix(0x1, 0x800000000003, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x20008577, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ppoll(&(0x7f0000000040)=[{r2}, {r2}], 0x2, 0x0, 0x0, 0x0)

22:06:46 executing program 3:
r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
truncate(&(0x7f0000000100)='./bus\x00', 0x8001)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0)
madvise(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2)
write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0xf642e7e)

22:06:46 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r1 = gettid()
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:06:47 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x100000, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080), 0xfffffffffffffffd)
r0 = socket$inet(0x2, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2)
r1 = syz_open_procfs(0x0, &(0x7f0000001300)='maps\x00')
preadv(r1, &(0x7f00000017c0), 0x199, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000280)=""/81, 0x51}], 0x2, 0x0)
clone(0x70024000, 0x0, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f00000000c0)=0x16, 0x4)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/rfcomm\x00')
ioctl$EVIOCSABS20(r2, 0x401845e0, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x6, 0x1, 0x6})

22:06:47 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:47 executing program 4:
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000200)={0x2a, 0x4, 0x0, {0x2, 0xe0, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pread64(r1, &(0x7f0000000380)=""/39, 0x23, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000240)={{0xffffffffffffffff, 0x3, 0x0, 0x1, 0x3}})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = dup2(r3, r1)
epoll_pwait(r4, 0x0, 0x0, 0x0, &(0x7f0000000300), 0x8)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1008}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r5, 0x20, 0x70bd26, 0x25dfdbfc, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0xffffffffffffff21, 0x101, 0x0, 0x5}}}, ["", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0xb23cce0833601e69}, 0x1)

22:06:47 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0)
r1 = dup(r0)
dup3(r0, r1, 0x0)

[  570.172671][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  570.179152][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  570.186009][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  570.192937][    C1] protocol 88fb is buggy, dev hsr_slave_1
22:06:47 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x305, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)

22:06:47 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000010001903130000"], 0x14}}, 0x0)

[  570.386279][T21531] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:47 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

[  570.471680][T21531] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
22:06:47 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:06:47 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000014c0)='clear_refs\x00')
pwritev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0)

22:06:47 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1005, 0x100000040005)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, [{0x0, 0x0, 0x0, 0x0, '/dev/dsp#\x00'}, {0x0, 0x0, 0x0, 0x0, '/dev/dsp#\x00'}, {0x0, 0x0, 0x0, 0x0, '{/vmnet1+eth0user'}]}, 0xffffffd6)
ioctl$int_in(r0, 0x800060c0045003, &(0x7f00000000c0))

22:06:47 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:48 executing program 0:
recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000e00)=[{0x0}], 0x1, 0x0, 0x0, 0x8}}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='cmdline\x00')
preadv(r0, &(0x7f0000000480), 0x100000000000039d, 0x0)

[  571.099559][T21536] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
22:06:48 executing program 3:
r0 = socket(0x200000000000011, 0x4004000000080002, 0x3)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14)

22:06:48 executing program 0:
recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000e00)=[{0x0}], 0x1, 0x0, 0x0, 0x8}}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='cmdline\x00')
preadv(r0, &(0x7f0000000480), 0x100000000000039d, 0x0)

[  571.912156][T21536] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
22:06:49 executing program 4:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/prev\x00')
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f00000017c0), 0x199, 0x0)

22:06:49 executing program 0:
r0 = gettid()
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b40)=ANY=[@ANYBLOB="2cce0f34"], 0x4}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)}], 0x3}}], 0x1, 0x0)
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="db78f09eb815051c21ea66fcedd484317f11d634bdefe4e924b263f88fe5808c430cefdad3d1864e8a40d2f506c4f7248d535d60bdc16096b13073532ac5af93e17d0672bae0", @ANYRES64, @ANYPTR64, @ANYRES64, @ANYRES64], 0x0, 0x66}, 0x20)
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x38)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:06:49 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)={0x0, {{0xa, 0x0, 0x9, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0xfd}}, 0x1, 0x1, [{{0xa, 0x4e24, 0x9, @empty, 0x38bafb2f}}]}, 0x110)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@dev, @in=@initdev}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f00000006c0)=0xe8)
getsockopt$inet_int(r0, 0x0, 0x13, 0x0, 0x0)
r1 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, 0x0, &(0x7f0000000340))
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="020700001000000000000000000000000800120000000100000000000000000006000000000000000000000000000200e00040e0ff00000020000000000000000000ada8008004000000200000000000030006000000000002000080ac14ffbbf00000000000000003000500000000000200423b1d632bd7b8200000000000c7"], 0x80}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
ioctl$int_in(0xffffffffffffffff, 0x5473, &(0x7f00000004c0)=0x8)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000280), &(0x7f00000002c0)=0x3)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f00000000c0)=""/23)
sendmmsg(r3, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000000000000011, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r2)

22:06:49 executing program 1:
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6242, 0x0)
clone(0x8000000101, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

22:06:49 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:06:49 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:49 executing program 1:
clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f000000aff5)='logon\x00', &(0x7f0000001ffb)={'\x00\x00\x10', 0xffffffffffffffff, 0x4c00000000006800}, &(0x7f0000001fee)='R\x10rist\xe3cusgrVid:De', 0xfffffffffffffffd)
getpid()

22:06:49 executing program 0:
poll(&(0x7f0000000080), 0x1, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)
recvfrom$inet(r0, 0x0, 0xffc3, 0x0, 0x0, 0x800e00979)
poll(&(0x7f0000000000)=[{r0, 0x2012}], 0x1, 0x0)
ppoll(&(0x7f0000000040), 0x2, 0x0, 0x0, 0xfffffffffffffcd1)
shutdown(r0, 0x0)

22:06:49 executing program 2:
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet_tcp(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

22:06:49 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
poll(&(0x7f0000000000)=[{r0, 0x40}], 0x1, 0x3f)
recvmsg(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000004c0)}, 0x0)
poll(&(0x7f0000000080), 0x1, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x35b1fb9b03bbddb0, 0x0, 0x0, 0x800e006f8)
readv(r1, &(0x7f0000000480)=[{&(0x7f00000001c0)=""/248, 0xf8}, {&(0x7f00000002c0)=""/242, 0xf2}, {&(0x7f0000000040)=""/59, 0x3b}, {&(0x7f00000003c0)=""/185, 0xb9}], 0x4)
shutdown(r1, 0x0)

22:06:49 executing program 1:
syz_emit_ethernet(0xd0, &(0x7f0000000200)={@broadcast, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x223}}, @icmp=@parameter_prob={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x223}, @empty=0x1000000}}}}}}, 0x0)
poll(&(0x7f0000000080), 0x1, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515)
recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000580)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)
recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521)
shutdown(r1, 0x0)

22:06:49 executing program 2:
r0 = socket$inet6_sctp(0x1c, 0x1, 0x84)
poll(&(0x7f0000000080)=[{r0}], 0x1, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x2a80, 0x0, 0x0, 0x800e00506)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r2, &(0x7f0000000380)=[{&(0x7f0000000240)=""/142, 0x8e}], 0x1)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000080), 0x386, 0x0, 0xfffffffffffffe9a}, 0x0)
shutdown(r4, 0x0)
shutdown(r1, 0x0)

22:06:50 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:06:50 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)={0x0, {{0xa, 0x0, 0x9, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0xfd}}, 0x1, 0x1, [{{0xa, 0x4e24, 0x9, @empty, 0x38bafb2f}}]}, 0x110)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@dev, @in=@initdev}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f00000006c0)=0xe8)
getsockopt$inet_int(r0, 0x0, 0x13, 0x0, 0x0)
r1 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, 0x0, &(0x7f0000000340))
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="020700001000000000000000000000000800120000000100000000000000000006000000000000000000000000000200e00040e0ff00000020000000000000000000ada8008004000000200000000000030006000000000002000080ac14ffbbf00000000000000003000500000000000200423b1d632bd7b8200000000000c7"], 0x80}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
ioctl$int_in(0xffffffffffffffff, 0x5473, &(0x7f00000004c0)=0x8)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000280), &(0x7f00000002c0)=0x3)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f00000000c0)=""/23)
sendmmsg(r3, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000000000000011, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r2)

22:06:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)=""/133, 0x85}, {0x0}, {0x0}], 0x3}, 0x0)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)=""/30, 0x1e}], 0x1}, 0x2)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r4, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)=""/18, 0x12}], 0x1}, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r7, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e)
shutdown(r6, 0x0)
r8 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a)
readv(r8, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/27, 0x1b}], 0x1)
shutdown(r7, 0x0)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

22:06:51 executing program 2:
poll(&(0x7f0000000080), 0x1, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515)
recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000580)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521)
shutdown(r1, 0x0)

22:06:51 executing program 1:

22:06:51 executing program 4:

22:06:51 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:06:51 executing program 1:

22:06:51 executing program 4:

22:06:51 executing program 4:

22:06:51 executing program 1:

22:06:51 executing program 0:

22:06:51 executing program 1:

22:06:52 executing program 3:

22:06:52 executing program 4:

22:06:52 executing program 2:

22:06:52 executing program 0:

22:06:52 executing program 1:

22:06:52 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)

22:06:52 executing program 0:

22:06:52 executing program 4:

22:06:52 executing program 1:

22:06:52 executing program 2:

22:06:52 executing program 3:

22:06:52 executing program 0:

22:06:52 executing program 4:

22:06:52 executing program 1:

22:06:52 executing program 2:

22:06:52 executing program 3:

22:06:52 executing program 0:

22:06:53 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)

22:06:53 executing program 1:

22:06:53 executing program 4:

22:06:53 executing program 0:

22:06:53 executing program 3:

22:06:53 executing program 2:

22:06:53 executing program 3:

22:06:53 executing program 0:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x12)
setxattr$security_evm(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='security.evm\x00', 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
r4 = dup(r1)
write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x21, 0x7, 0x0, {0x18, 'mime_type:vmnet0md5sum[@'}}, 0x21)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r4, 0x40045402, &(0x7f0000000000))
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000440)={0x81, 0x31, "a4877da820e8f23c8976405e6b60168087471a05f5b0417e017450f8419e9e9410af4792760131b7d40e6251ca7813217c"})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, 0x0)
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$TUNSETTXFILTER(r4, 0x400454d1, &(0x7f0000000180)={0x1, 0x4, [@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="890371400729", @broadcast]})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100000001]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00')

22:06:53 executing program 4:

22:06:53 executing program 2:

22:06:53 executing program 1:

22:06:53 executing program 4:

22:06:54 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)

22:06:54 executing program 2:

22:06:54 executing program 3:

22:06:54 executing program 1:

22:06:54 executing program 4:

22:06:54 executing program 0:

22:06:54 executing program 3:

22:06:54 executing program 1:

22:06:54 executing program 2:

22:06:54 executing program 4:

22:06:54 executing program 0:

22:06:54 executing program 3:

22:06:55 executing program 2:

22:06:55 executing program 3:

22:06:55 executing program 1:

22:06:55 executing program 0:

22:06:55 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
tkill(r1, 0x1000000000013)

22:06:55 executing program 4:

22:06:55 executing program 3:

22:06:55 executing program 1:

22:06:55 executing program 0:

22:06:55 executing program 2:
clock_gettime(0x0, 0x0)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x0)
r1 = memfd_create(&(0x7f0000000140)='lotrusted\x1a\x00', 0x0)
r2 = syz_open_dev$sndseq(0x0, 0x0, 0x1)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76)
fstatfs(r0, &(0x7f0000005200)=""/4096)

22:06:55 executing program 4:

22:06:55 executing program 1:

22:06:58 executing program 0:

22:06:58 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
tkill(r1, 0x1000000000013)

22:06:58 executing program 3:

22:06:58 executing program 1:

22:06:58 executing program 4:

22:06:58 executing program 2:

22:06:58 executing program 3:

22:06:58 executing program 4:

22:06:58 executing program 0:

22:06:58 executing program 1:

22:06:58 executing program 2:
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={0x0}}, 0x0)

22:06:58 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x0)

22:06:58 executing program 4:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
sendmsg$rds(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x2000000, @rand_addr=0x80}, 0x10, 0x0}, 0x0)

22:07:01 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
tkill(r1, 0x1000000000013)

22:07:01 executing program 1:
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
pipe2(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4000)
ioctl$TIOCGISO7816(r0, 0x80285442, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000140)={{0x2f, @broadcast, 0x4e23, 0x1, 'lc\x00', 0x0, 0x81, 0x19}, {@rand_addr, 0x4e23, 0x4, 0x1, 0xaf, 0x1000}}, 0x44)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000380)=0x100, 0x4)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000540)=ANY=[@ANYBLOB="00000000000000000a004e22334e9e5cff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000268e00000000000000000000000000000000010000000a004e230000800100000000000000000000ffffac14140d00"/268], 0x110)
prctl$PR_SVE_SET_VL(0x32, 0x1000000001ebd8)
add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = socket$alg(0x26, 0x5, 0x0)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000340))
sendmmsg(0xffffffffffffffff, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x80, 0x0}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x0, &(0x7f0000007b00)}}], 0x2, 0x0)
socket$packet(0x11, 0x0, 0x300)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000003dc0))
write$cgroup_type(r2, &(0x7f0000000100)='threaded\x00', 0xff34)
ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000240)={'ip6gre0\x00', 0x5})
fallocate(r2, 0x3, 0x0, 0x10000408001)

22:07:01 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, 0x0, 0x6c, 0x20000000, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)

22:07:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000440)={0x4, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, 0x0})
dup2(r1, r2)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000140)={0x4, 0x0, &(0x7f0000000000)=[@enter_looper={0x40486311}], 0x0, 0xfffffdfd, 0x0})

22:07:01 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(cast6))\x00'}, 0x58)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)

22:07:01 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x101001, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x7132})
r2 = socket$kcm(0x29, 0x5, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000002d80)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\xf8-68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
write$cgroup_subtree(r1, &(0x7f00000007c0)={[{0x0, '\x03\x8a\xa1t\x03n\xd7\xe0\x8f\x93\xdd\x86\xdd4{\x8fXe:\x06:Wv\xca\xcb\xeb\xb75|5`\xd4V\xcc\xe5\xcdh\x85JF\x7fc\x85\xfa7N$\'\xa9\xd2a\x1bB\xa5D\xf5Tk\xa9\xf9\xb1\xdc\xd5\xed\x0e\'\xb2\x01\xcb\x85\xdeR\t\x94\xeau\xa7\xeb\x03F\xb2\x8b;\xdbf\x13X\xdc'}]}, 0x36)

[  584.526735][T22085] binder: BINDER_SET_CONTEXT_MGR already set
[  584.533128][T22085] binder: 22084:22085 ioctl 40046207 0 returned -16
[  584.564507][T22093] binder_alloc: 22084: binder_alloc_buf size 2554215420696027696 failed, no address space
22:07:01 executing program 2:
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
pipe2(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4000)
ioctl$TIOCGISO7816(r0, 0x80285442, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000140)={{0x2f, @broadcast, 0x4e23, 0x1, 'lc\x00', 0x0, 0x81, 0x19}, {@rand_addr, 0x4e23, 0x4, 0x1, 0xaf, 0x1000}}, 0x44)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000380)=0x100, 0x4)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000540)=ANY=[@ANYBLOB="00000000000000000a004e22334e9e5cff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000268e00000000000000000000000000000000010000000a004e230000800100000000000000000000ffffac14140d00"/244], 0x1)
prctl$PR_SVE_SET_VL(0x32, 0x1000000001ebd8)
add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
socket$alg(0x26, 0x5, 0x0)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000340))
sendmmsg(0xffffffffffffffff, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x3000, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0)
socket$packet(0x11, 0x0, 0x300)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000003dc0))
write$cgroup_type(r1, &(0x7f0000000100)='threaded\x00', 0xff34)
fallocate(r1, 0x3, 0x0, 0x10000408001)

[  584.575452][T22093] binder_alloc: allocated: 16 (num: 2 largest: 8), free: 12272 (num: 1 largest: 12272)
22:07:01 executing program 1:
clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="0caa0f05"], 0x4}}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x30)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f00000000c0)={@empty, 0x33})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:07:01 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
io_setup(0x3, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000001480)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f0000000180)}])

22:07:01 executing program 0:
r0 = socket$inet6(0xa, 0x8000000000001, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x1, 0x20000)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000000)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x6, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf4fe, 0x0, 0x0, 0x0, "07a30cd41929926a9335701c068b17b9fc07cd039f5a47009833063800"}})
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)

22:07:01 executing program 4:

22:07:02 executing program 1:

22:07:04 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:04 executing program 2:

22:07:04 executing program 4:

22:07:04 executing program 0:

22:07:04 executing program 1:

22:07:04 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000001a00)=[{&(0x7f0000000080)=""/17, 0x11}, {0x0}, {0x0}], 0x2fc)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000100)=""/149, 0x95}, {0x0}], 0x2}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e00545)
shutdown(r2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_timeval(r4, 0xffff, 0x1006, &(0x7f0000000040)={0x2}, 0x10)
recvmsg(r4, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}, 0x0)
shutdown(r3, 0x0)
shutdown(r1, 0x0)

22:07:04 executing program 1:
poll(&(0x7f0000000140), 0x17, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x24f, 0x0, 0x0, 0x800e00806)
ppoll(&(0x7f0000000000)=[{}], 0xc, 0x0, 0x0, 0x25)
shutdown(r0, 0x0)

22:07:04 executing program 4:
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x0)
poll(&(0x7f0000000140)=[{r0}, {}, {}, {}], 0x4, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getpeername$inet(r1, 0x0, &(0x7f0000000040))
recvfrom$inet(r2, 0x0, 0x22b41b9a8748acb4, 0x0, 0x0, 0x800e0050e)
shutdown(r1, 0x0)
shutdown(r2, 0x0)

22:07:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)=""/133, 0x85}, {0x0}, {0x0}], 0x3}, 0x0)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)=""/30, 0x1e}], 0x1}, 0x2)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r4, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)=""/18, 0x12}], 0x1}, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r7, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e)
shutdown(r6, 0x0)
r8 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a)
readv(r8, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/27, 0x1b}, {0x0}], 0x2)
shutdown(r7, 0x0)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

22:07:04 executing program 2:
poll(0x0, 0x0, 0x4d)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x1c5, 0x0, 0x0, 0x800e00447)
shutdown(r0, 0x0)

22:07:05 executing program 2:
r0 = socket$inet6_sctp(0x1c, 0x1, 0x84)
poll(&(0x7f0000000080)=[{}, {}, {r0}], 0x3, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x2a80, 0x0, 0x0, 0x800e00506)
setsockopt$sock_timeval(r1, 0xffff, 0x1006, 0x0, 0x0)
recvfrom$inet(r1, 0x0, 0x1789836bed901fc7, 0x0, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

22:07:05 executing program 4:

22:07:07 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:07 executing program 4:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x0, 0x80003})

22:07:07 executing program 0:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00')
setns(r0, 0x40000000)

22:07:07 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000600)=0x2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000080)={0x0, 0x1f, 0x200})

22:07:07 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score_adj\x00')
preadv(r1, &(0x7f0000000140), 0x10000000000002bc, 0x0)

22:07:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = inotify_init()
r1 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0)
r2 = syz_genetlink_get_family_id$net_dm(&(0x7f00000000c0)='NET_DM\x00')
sendmsg$NET_DM_CMD_STOP(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x0, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4048080}, 0x24000800)
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x4000082)
write$nbd(r1, &(0x7f0000000380)={0x67446698, 0x0, 0x0, 0x0, 0x0, "6517a42ac4cb7a63d1a97a7e5a31524e892eac4023b714a3202f99f16d06589e03469637a7267592938766010a35efd21affe2009efdc31a381587a5960ac2022d45136803a9e841e84f03d05ebc7e87c1"}, 0x61)
sendfile(r1, r1, &(0x7f0000000200), 0xa198)

22:07:07 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000001c0)=0x1, 0x4)
syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0xd7c, 0x80)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
fsetxattr$security_ima(r2, 0x0, 0x0, 0x0, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0xbb8, 0x0, 0x1000000000054}, 0x98)

22:07:07 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000002091903130000"], 0x14}}, 0x0)

22:07:07 executing program 4:
r0 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x0)
r1 = dup2(r0, r0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f00000009c0)={0x80, 0x1, 'client0\x00', 0x0, '\x00', "88e7ed0000051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e000"})

22:07:07 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)

22:07:08 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000001c0), 0x4)
syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0xd7c, 0x80)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xf5, 0x0, [0x519]})
pipe(&(0x7f0000000100))
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0xbb8, 0x0, 0x1000000000054}, 0x98)

22:07:08 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x0, 0x80)
pipe(&(0x7f0000000100))
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0xbb8, 0x0, 0x1000000000054}, 0x98)

22:07:10 executing program 2:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000280)=""/121, 0x200002f9)

22:07:10 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:10 executing program 3:

22:07:10 executing program 1:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00\f#\x9f\xd0\x85\xac\xc4\x9b\x81-\xb3\xd7=C\xea', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50}, 0x50)
ftruncate(r1, 0x8200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x40000008})
read$FUSE(r2, &(0x7f0000001740), 0x1000)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000140)={0x30}, 0x30)

22:07:10 executing program 0:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
dup(0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
io_setup(0xdf6, &(0x7f0000000000)=<r1=>0x0)
r2 = eventfd2(0x0, 0x0)
read(r2, &(0x7f0000000340)=""/232, 0xe8)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_submit(r1, 0x1, &(0x7f0000000600)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0xdd4ad65, 0x0, 0x0, 0x1, r2}])
r3 = dup2(r0, r2)
write$FUSE_GETXATTR(r3, &(0x7f0000000040)={0x18, 0xfffffffffffffff2, 0x0, {0x7}}, 0x18)
fchmod(0xffffffffffffffff, 0x0)
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f00000000c0))

22:07:10 executing program 4:
r0 = msgget$private(0x0, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x2, 0x4e21, @empty}, 0x10)
msgrcv(r0, &(0x7f00000001c0)={0x0, ""/250}, 0x102, 0x0, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000258f88))
msgsnd(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1c"], 0x1, 0x0)
gettid()
timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
r1 = shmget(0x3, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil)
shmat(r1, &(0x7f0000ffb000/0x3000)=nil, 0x4f70e5283d47630f)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000700)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9})

22:07:10 executing program 1:
r0 = msgget$private(0x0, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x0, 0x0)
msgrcv(r0, &(0x7f00000001c0)={0x0, ""/250}, 0x102, 0x0, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000258f88))
msgsnd(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1c5b7473d7a91302005bf912752a10c3de1fd889bfca3d70d1b1f6feab26150adba946d40d36ff364acc892090b2b164d182de888d523c29b14cfddae2639c6159eca555552fd2c0385d009d71"], 0x0, 0x0)
timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
shmat(0x0, &(0x7f0000ffb000/0x3000)=nil, 0x4f70e5283d47630f)
tkill(0x0, 0x1000000000013)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000700)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9})

22:07:11 executing program 3:

22:07:11 executing program 2:

22:07:11 executing program 3:

22:07:11 executing program 4:

22:07:11 executing program 2:

22:07:11 executing program 3:

22:07:13 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(0x0, 0x1000000000013)

22:07:13 executing program 2:

22:07:13 executing program 4:

22:07:13 executing program 0:

22:07:13 executing program 1:

22:07:13 executing program 3:

22:07:14 executing program 2:

22:07:14 executing program 4:
syz_emit_ethernet(0x140, &(0x7f0000000640)={@local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x10a, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x0, 0x10a}}}}}}, 0x0)

22:07:14 executing program 1:

22:07:14 executing program 0:

22:07:14 executing program 3:

22:07:14 executing program 2:

22:07:14 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(0x0, 0x1000000000013)

22:07:14 executing program 1:

22:07:14 executing program 4:
io_setup(0x1004, &(0x7f0000000200)=<r0=>0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={'\x00\x00\x00\x00e&\xa28\x00\x00\x00\x00\x02\x00\xef\f', 0x20000005003})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040))
io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r1, &(0x7f0000000040), 0x2000ffa6}])

22:07:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x40c2, 0x0)
r1 = open$dir(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d8", 0x400)
sendfile(r0, r1, 0x0, 0x10000)
syz_emit_ethernet(0x5e, &(0x7f0000000040)={@random="4117afe8291b", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [{[{0x9100, 0x0, 0x8, 0x4}], {0x8100, 0xfff}}], {@canfd={0xd, {{0x0, 0x0, 0x10344000}, 0x0, 0x2, 0x0, 0x0, "27f34328a592419c814cb4fe0bc9679a42e412409a61d413b3b4f8cc1e5f0b6ffb2310e0c4a1429231c85bf89f3b55cfc17b0896e9865173f63899d67b635a0a"}}}}, 0x0)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000200)={{0xa, 0x4e22, 0xee, @loopback}, {0xa, 0x4e22, 0x0, @rand_addr="d8e1d6bf1ff274efdf17704e6b3754a8"}, 0x0, [0x70, 0x7f, 0xc39, 0xffffffff, 0x4, 0x1]}, 0x5c)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x1)

22:07:14 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
socket$inet_udp(0x2, 0x2, 0x0)
close(0xffffffffffffffff)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)

22:07:14 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)

22:07:15 executing program 1:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1003, 0x0, 0x0, 0x3ea}, 0x800000)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00')
ioctl$UI_GET_VERSION(r1, 0x8004552d, &(0x7f0000000440))
getpid()
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r3=>0x0)
r4 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r4, 0x1, &(0x7f00000014c0))
ioctl$UI_BEGIN_FF_UPLOAD(r1, 0xc06855c8, &(0x7f0000000040)={0x2, 0x1, {0x56, 0x78, 0x3, {0xc860, 0xffff}, {0x7, 0x5ade}, @const={0x8, {0x1, 0x8, 0xe72, 0x8}}}, {0x57, 0x3ff, 0x1fe000000000000, {0x8, 0xcc}, {0x1, 0x1}, @const={0x4, {0x8, 0x3285, 0x6, 0x6}}}})
request_key(0x0, &(0x7f0000000700)={'syz', 0x1}, 0x0, 0xfffffffffffffffa)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f00000005c0))
getresuid(&(0x7f00000004c0), 0x0, &(0x7f0000000300))
lstat(0x0, &(0x7f0000000900))
r5 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r5)
getuid()
getgroups(0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000009c0), 0x0)
getresgid(&(0x7f0000000a40), &(0x7f0000000a80), &(0x7f0000000ac0))
getegid()
msgsnd(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="aefb38f9ac9c60c4c76b4b99e788639c17f07726c66bd248e61627404371a6608161adfbeeb9dd4a7816da2f0044899ff2b080685375ebc7cf282d60c24c2ef369e6f9a1d7d04e1fdbf1934977c1eff516001b82e00f9147cddd78e07def8bbdbd5bdd140987e6eab99df30d558d33ee53722cba1114d13b04cb53beebc6b5df5d37482d04099e6180eed19b35fcabb5f8660a74a09fe5d67ec847b009bbae440c97d6a1848dc66b1b7eeefed01ab0b1d1a2f6bd840140c1b448309762175e4622b38c4e376fb0b8cd69154327d75bbe376709e6cc649e955ab0c16d20f3c9f6ab695d7eb7ae1f3111d7d50ee16311300f8fe0747843846284b1ba153816048dd6908fa5cd4be8c3ce220091df8cb17818800f2adb9939616df1981f6fdd3bbf8210f210df38a8fe409b3c25a4c997b65dd5930c3803c6d42f4fd3400bc742a409d2cacc1280b5ff9ef80d60dbab6424f6871578f8f2fa7742c038a82616622119de451061820b3aa1a292326d9d244e57af670250e55761ebd33991f591259326ef064e46f03470e983e30bce11d0376346bc3e901e7fa070b7e4a1507b16489d63ab943a702fe2d32436748b357693ce7691a20000000000000000000000009ea447915a9a006373358ed92c29db0029bb8d7487393abb4af00d2c657d6b33ff06f9ee01f35ccc6e2dbbc6cb7bcfa63b58985654f1ff2c8ec7d57dd97f3d2b50f45e169d6b323542756669aba736a3ec99d838e253dbd011deaee50374e8201d5d2caecc43712c68830ed9aafdbe449400000000498cf437303000049b39df1d6dc04771358c7af8b390b392ff7da2841e374099bf4266b52e82f3bfb430b59ea868da870358d49c362488218e"], 0x1, 0x0)
timer_settime(r3, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, 0x0, &(0x7f0000000340))
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f00000000c0)={'lo\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000140)={'lo\x00', 0x101})

22:07:15 executing program 0:
write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x2, 0x0)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = getgid()
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getuid()
r5 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x106, 0x0)
fcntl$dupfd(r0, 0x406, r0)
ioctl$UI_SET_KEYBIT(r5, 0x40045565, 0x29b)
getresgid(&(0x7f0000000580)=<r6=>0x0, &(0x7f0000000380), &(0x7f0000000600))
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000640)={0x2a8, 0xffffffffffffffff, 0x5, [{{0x0, 0x2, 0x3, 0x0, 0x7, 0x1000, {0x5, 0x75c2963c, 0x7fff, 0x2, 0xfffffffffffffffa, 0x6, 0x1, 0x20, 0x2, 0xff, 0x1000, r1, r2, 0x1}}, {0x3, 0x6, 0xd, 0x54f0, '/dev/video35\x00'}}, {{0x1, 0x1, 0x7, 0x0, 0x80000001, 0x3, {0x1, 0x400, 0x4, 0x4, 0xa9a, 0x138, 0x8, 0xbce, 0x0, 0x2, 0x80000000, 0x0, r3, 0x2}}, {0x6, 0x8, 0x6, 0x3f, 'vmnet0'}}, {{0x1, 0x2, 0x10001, 0x7fff, 0x70000000000, 0x4, {0x6, 0x0, 0x3, 0x0, 0x101, 0x400000004000000, 0x63, 0xfffffffffffffffb, 0x5, 0xb5171a, 0xbae, r4, 0x0, 0x44fb4e52, 0x6}}, {0x4, 0xd1, 0xe, 0x17, '/dev/snapshot\x00'}}, {{0x5, 0x3, 0x4, 0x5, 0x4, 0x100000000, {0x3, 0x401, 0x83ea, 0x8001, 0x2, 0x7f, 0x6, 0x9, 0x3, 0x2, 0x740ef94d, 0x0, r6, 0x7, 0x75a0}}, {0x0, 0x8, 0xe, 0x100000000, '/dev/snapshot\x00'}}]}, 0x2a8)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snapshot\x00', 0x20601, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
shutdown(r5, 0x1)
write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r7)

22:07:15 executing program 2:
socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x70, 0x2000000000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0xc000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000240), &(0x7f00000002c0)=0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="0207000902000000000000000000d5f7"], 0x10}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmmsg(r1, &(0x7f0000007e00), 0x400000000000058, 0x0)

22:07:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-blowfish-asm\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
sendto$unix(r2, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429)

22:07:15 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x82, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x4400, 0x0)

22:07:15 executing program 0:
io_setup(0x1004, &(0x7f0000000200)=<r0=>0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x41, 0x2, 0x0, r1, 0x0}])

22:07:15 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(0x0, 0x1000000000013)

[  598.952421][T22353] device lo entered promiscuous mode
[  599.080810][T22387] device lo left promiscuous mode
22:07:16 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x40c2, 0x0)
r1 = open$dir(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d8", 0x400)
sendfile(r0, r1, 0x0, 0x10000)
syz_emit_ethernet(0x5e, &(0x7f0000000040)={@random="4117afe8291b", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [{[{0x9100, 0x0, 0x8, 0x4}], {0x8100, 0xfff}}], {@canfd={0xd, {{0x0, 0x0, 0x10344000, 0x200}, 0x0, 0x2, 0x0, 0x0, "27f34328a592419c814cb4fe0bc9679a42e412409a61d413b3b4f8cc1e5f0b6ffb2310e0c4a1429231c85bf89f3b55cfc17b0896e9865173f63899d67b635a0a"}}}}, 0x0)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x1)

22:07:16 executing program 3:
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x1a8)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f00000002c0)=0x20900001c)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x80000040)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

22:07:16 executing program 0:
io_setup(0x1004, &(0x7f0000000200)=<r0=>0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x41, 0x5, 0x0, r1, 0x0}])

22:07:16 executing program 2:
getgid()
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snapshot\x00', 0x20601, 0x0)
close(r0)

22:07:16 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x8, 0x4, [@TIPC_NLA_LINK_PROP={0x4, 0x9}]}]}, 0x1c}}, 0x0)

22:07:16 executing program 1:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12000000013, &(0x7f0000d06000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x6a)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000600)=0x80000000001, 0xffad)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7}, 0x7)
recvmmsg(r0, &(0x7f00000001c0), 0x315, 0xea225aec34b1dd0e, 0x0)

22:07:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0xf00, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000007000200100008000300"/36], 0x24}}, 0x0)

[  599.732595][T22427] netlink: 'syz-executor.4': attribute type 9 has an invalid length.
22:07:16 executing program 3:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000b0f000/0x4000)=nil, 0x4000, 0x0, 0x81, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x10000000002)

22:07:16 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

[  599.783663][T22435] netlink: 'syz-executor.4': attribute type 9 has an invalid length.
22:07:17 executing program 2:

22:07:17 executing program 4:

22:07:17 executing program 1:

22:07:17 executing program 0:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)}, 0x0)
setregid(0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
sysinfo(&(0x7f0000000200))
socketpair(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080)='ip6tnl0\x00')
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, 0x0)

22:07:17 executing program 4:
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x1a8)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f00000002c0)=0x20900001c)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x200000, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x80000040)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, &(0x7f0000000100))
ioctl$SG_GET_TIMEOUT(0xffffffffffffffff, 0x2202, 0x0)

22:07:17 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x80004e20}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

22:07:17 executing program 3:

22:07:17 executing program 1:

[  600.354572][T22463] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies.  Check SNMP counters.
22:07:17 executing program 0:

22:07:17 executing program 3:

22:07:17 executing program 2:

22:07:17 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:17 executing program 1:

22:07:17 executing program 4:

22:07:17 executing program 3:

22:07:17 executing program 2:

22:07:17 executing program 0:

22:07:17 executing program 1:

22:07:17 executing program 2:

22:07:18 executing program 4:

22:07:18 executing program 3:

22:07:18 executing program 0:

22:07:18 executing program 2:

22:07:18 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:18 executing program 4:

22:07:18 executing program 1:

22:07:18 executing program 0:

22:07:18 executing program 3:

22:07:18 executing program 2:

22:07:18 executing program 3:

22:07:18 executing program 0:

22:07:18 executing program 1:

22:07:19 executing program 4:

22:07:19 executing program 2:

22:07:19 executing program 0:

22:07:19 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:19 executing program 3:

22:07:19 executing program 1:

22:07:19 executing program 0:

22:07:19 executing program 4:
socket$unix(0x1, 0x0, 0x0)
poll(&(0x7f0000000080), 0x1, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f0000000040)=[{r0}, {}], 0x2, 0x0)
recvfrom$inet(r0, 0x0, 0x35b1fb9b03bbddb0, 0x0, 0x0, 0x800e00812)
ppoll(&(0x7f0000000040), 0x2, 0x0, 0x0, 0xfffffffffffffcd1)
shutdown(r0, 0x0)

22:07:19 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000840)=[{&(0x7f0000000100)=""/111, 0x6f}], 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x4ce9, 0x0, 0x0, 0x800e00901)
shutdown(r0, 0x0)
readv(r1, &(0x7f00000019c0)=[{&(0x7f00000008c0)=""/4096, 0x1000}, {0x0}], 0x2)
shutdown(r1, 0x0)

22:07:19 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)=""/133, 0x85}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)=""/30, 0x1e}, {0x0}], 0x1000000000000313}, 0x0)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r4, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)=""/18, 0x12}], 0x1}, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r7, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e)
shutdown(r6, 0x0)
r8 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a)
readv(r8, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/27, 0x1b}, {0x0}, {0x0}], 0x3)
shutdown(r7, 0x0)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

22:07:19 executing program 1:
socket$unix(0x1, 0x0, 0x0)
poll(&(0x7f0000000080), 0x1, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x35b1fb9b03bbddb0, 0x0, 0x0, 0x800e00812)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x0)

22:07:19 executing program 0:
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x3)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7db, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, 0x0)
socket$kcm(0x29, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000240)='cgroup.controllers\x00')
r0 = perf_event_open$cgroup(0x0, 0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x1)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0)
write$cgroup_pid(r1, &(0x7f0000000100), 0xda4fff08)

22:07:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)={0x0, 0x1, 0x4, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "ebccd3ea"}, 0x0, 0x0, @fd, 0x4})

22:07:20 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x223, 0x200007fa, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0xf0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(0xffffffffffffffff, 0xc0945662, &(0x7f0000000440)={0x0, 0x0, [], {0x0, @bt={0x0, 0x0, 0xe8c3874515e72736, 0x2, 0x7, 0x0, 0x0, 0x0, 0x1, 0x3, 0xffffffffffffff01, 0x0, 0x0, 0x0, 0x0, 0x7}}})
write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x1017f)

22:07:20 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x800000000008032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)

22:07:20 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:20 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x10201, 0x0, 0x0, 0x800e0051d)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/34, 0x22}, {0x0}], 0x2}, 0x2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e00545)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x1000000000005, 0x84)
readv(r5, &(0x7f0000000580)=[{&(0x7f0000000080)=""/79, 0x4f}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

22:07:20 executing program 1:
poll(&(0x7f0000000140), 0x17, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x24f, 0x0, 0x0, 0x800e00806)
fcntl$setstatus(r0, 0x4, 0x44)
shutdown(r0, 0x0)

22:07:21 executing program 2:
poll(&(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x4e)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet6_tcp(0x1c, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x41, &(0x7f0000000000)=""/38, &(0x7f0000000080)=0x26)
recvfrom$inet(r1, 0x0, 0x22b41b9a8748acb4, 0x0, 0x0, 0x800e0050e)
shutdown(r0, 0x0)
shutdown(r1, 0x0)

22:07:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000011c0)=[{&(0x7f0000000000)=""/118, 0x76}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
select(0x40, &(0x7f0000000100)={0x2}, 0x0, 0x0, 0x0)
shutdown(r2, 0x0)

22:07:21 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)=""/133, 0x85}, {0x0}, {0x0}, {0x0}], 0x4}, 0x2)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)=""/30, 0x1e}, {0x0}], 0x1000000000000313}, 0x0)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r4, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)=""/18, 0x12}], 0x1}, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r7, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e)
shutdown(r6, 0x0)
r8 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a)
readv(r8, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/27, 0x1b}, {0x0}, {0x0}], 0x3)
shutdown(r7, 0x0)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

22:07:21 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
dup2(r1, r0)
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)

22:07:21 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001280)={'bridge0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$inet6(r0, &(0x7f0000000540)="0503000006003e0000000200c52cf7c25975e605b02f0800eb2b2ff0dac8897c6b118777886b143a306609000000c5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3978b352bc6c5", 0x4c, 0x0, 0x0, 0x0)
recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

22:07:21 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0bc5351, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5334, &(0x7f0000000000))
r1 = gettid()
timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r1, 0x1000000000013)

22:07:21 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
poll(&(0x7f0000000040)=[{}, {r0, 0x42}, {r1}], 0x3, 0x0)
poll(&(0x7f0000000040), 0x2000000000000014, 0x4e)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfffffd0c, 0x0, 0x0, 0x800e00a16)
ppoll(&(0x7f0000000040), 0x19, 0x0, 0x0, 0x69)
shutdown(r2, 0x0)

22:07:21 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)
poll(&(0x7f0000000040), 0x2000000000000014, 0x4e)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfffffd0c, 0x0, 0x0, 0x800e00a16)
ppoll(&(0x7f0000000040), 0x19, 0x0, 0x0, 0x69)
shutdown(r1, 0x0)

22:07:22 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x800000000008032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)

22:07:22 executing program 1:
poll(0x0, 0x0, 0x8000000000049)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x24f, 0x0, 0x0, 0x800e00806)
fcntl$setstatus(r0, 0x4, 0x44)
shutdown(r0, 0x0)

22:07:22 executing program 2:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="11")
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "d44eb8c7308ec7c4", "442065238929350ade91900b51fc9534", "6bdda720", "7ee51430da3f51b3"}, 0x28)
sendto$inet6(r0, &(0x7f00000005c0), 0xffffffffffffffc1, 0x0, 0x0, 0x1201000000003618)

[  605.104009][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
22:07:22 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x223, 0x200007fa, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0xf0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x1017f)

22:07:22 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)={[{0x200002b, 'pids'}]}, 0x6)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x2d, 'pids'}]}, 0x6)

22:07:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00000000c0)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000000)=0x100005)

22:07:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
sendmsg$IPVS_CMD_GET_CONFIG(r0, 0x0, 0x800)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x2, @link_local, 'bond0\x00'}}, 0x1e)
sendmmsg(r1, &(0x7f0000005b40), 0x4000000000001b2, 0x0)

[  605.520219][T22670] ==================================================================
[  605.521942][T22670] BUG: KMSAN: uninit-value in bond_start_xmit+0x199b/0x2c30
[  605.521942][T22670] CPU: 0 PID: 22670 Comm: syz-executor.1 Not tainted 5.2.0+ #15
[  605.521942][T22670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  605.521942][T22670] Call Trace:
[  605.521942][T22670]  dump_stack+0x191/0x1f0
[  605.521942][T22670]  kmsan_report+0x162/0x2d0
[  605.521942][T22670]  __msan_warning+0x75/0xe0
[  605.521942][T22670]  bond_start_xmit+0x199b/0x2c30
[  605.521942][T22670]  ? validate_xmit_xfrm+0xac/0x15e0
[  605.521942][T22670]  ? __msan_metadata_ptr_for_load_2+0x10/0x20
[  605.521942][T22670]  ? bond_close+0x1d0/0x1d0
[  605.521942][T22670]  dev_hard_start_xmit+0x51a/0xab0
[  605.521942][T22670]  __dev_queue_xmit+0x394d/0x4270
[  605.521942][T22670]  ? kmsan_memcpy_memmove_metadata+0x8bc/0xe00
[  605.521942][T22670]  dev_queue_xmit+0x4b/0x60
[  605.521942][T22670]  pppoe_sendmsg+0xb0e/0xb60
[  605.521942][T22670]  ? llc_sysctl_exit+0x110/0x110
[  605.521942][T22670]  ? pppoe_getname+0x170/0x170
[  605.521942][T22670]  ___sys_sendmsg+0x12ff/0x13c0
[  605.521942][T22670]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  605.521942][T22670]  ? __fget_light+0x6b1/0x710
[  605.521942][T22670]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  605.521942][T22670]  __sys_sendmmsg+0x53a/0xae0
[  605.521942][T22670]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  605.521942][T22670]  ? prepare_exit_to_usermode+0x19a/0x4d0
[  605.521942][T22670]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  605.521942][T22670]  __se_sys_sendmmsg+0xbd/0xe0
[  605.521942][T22670]  __x64_sys_sendmmsg+0x56/0x70
[  605.521942][T22670]  do_syscall_64+0xbc/0xf0
[  605.521942][T22670]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  605.521942][T22670] RIP: 0033:0x459829
[  605.521942][T22670] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  605.521942][T22670] RSP: 002b:00007fcba0104c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  605.521942][T22670] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459829
[  605.521942][T22670] RDX: 04000000000001b2 RSI: 0000000020005b40 RDI: 0000000000000004
[  605.521942][T22670] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  605.521942][T22670] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcba01056d4
[  605.521942][T22670] R13: 00000000004c7000 R14: 00000000004dc570 R15: 00000000ffffffff
[  605.521942][T22670] 
[  605.521942][T22670] Uninit was created at:
[  605.521942][T22670]  kmsan_internal_poison_shadow+0x53/0xa0
[  605.521942][T22670]  kmsan_slab_alloc+0xaa/0x120
[  605.521942][T22670]  __kmalloc_node_track_caller+0xc8f/0xf10
[  605.521942][T22670]  __alloc_skb+0x306/0xa10
[  605.521942][T22670]  sock_wmalloc+0x13e/0x650
[  605.521942][T22670]  pppoe_sendmsg+0x3df/0xb60
[  605.521942][T22670]  ___sys_sendmsg+0x12ff/0x13c0
[  605.521942][T22670]  __sys_sendmmsg+0x53a/0xae0
[  605.521942][T22670]  __se_sys_sendmmsg+0xbd/0xe0
[  605.521942][T22670]  __x64_sys_sendmmsg+0x56/0x70
[  605.521942][T22670]  do_syscall_64+0xbc/0xf0
[  605.521942][T22670]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  605.521942][T22670] ==================================================================
[  605.521942][T22670] Disabling lock debugging due to kernel taint
[  605.521942][T22670] Kernel panic - not syncing: panic_on_warn set ...
[  605.521942][T22670] CPU: 0 PID: 22670 Comm: syz-executor.1 Tainted: G    B             5.2.0+ #15
[  605.521942][T22670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  605.521942][T22670] Call Trace:
[  605.521942][T22670]  dump_stack+0x191/0x1f0
[  605.521942][T22670]  panic+0x3c9/0xc1e
[  605.521942][T22670]  kmsan_report+0x2ca/0x2d0
[  605.521942][T22670]  __msan_warning+0x75/0xe0
[  605.521942][T22670]  bond_start_xmit+0x199b/0x2c30
[  605.521942][T22670]  ? validate_xmit_xfrm+0xac/0x15e0
[  605.521942][T22670]  ? __msan_metadata_ptr_for_load_2+0x10/0x20
[  605.521942][T22670]  ? bond_close+0x1d0/0x1d0
[  605.521942][T22670]  dev_hard_start_xmit+0x51a/0xab0
[  605.521942][T22670]  __dev_queue_xmit+0x394d/0x4270
[  605.521942][T22670]  ? kmsan_memcpy_memmove_metadata+0x8bc/0xe00
[  605.521942][T22670]  dev_queue_xmit+0x4b/0x60
[  605.521942][T22670]  pppoe_sendmsg+0xb0e/0xb60
[  605.521942][T22670]  ? llc_sysctl_exit+0x110/0x110
[  605.521942][T22670]  ? pppoe_getname+0x170/0x170
[  605.521942][T22670]  ___sys_sendmsg+0x12ff/0x13c0
[  605.521942][T22670]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  605.521942][T22670]  ? __fget_light+0x6b1/0x710
[  605.521942][T22670]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  605.521942][T22670]  __sys_sendmmsg+0x53a/0xae0
[  605.521942][T22670]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  605.521942][T22670]  ? prepare_exit_to_usermode+0x19a/0x4d0
[  605.521942][T22670]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  605.521942][T22670]  __se_sys_sendmmsg+0xbd/0xe0
[  605.521942][T22670]  __x64_sys_sendmmsg+0x56/0x70
[  605.521942][T22670]  do_syscall_64+0xbc/0xf0
[  605.521942][T22670]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  605.521942][T22670] RIP: 0033:0x459829
[  605.521942][T22670] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  605.521942][T22670] RSP: 002b:00007fcba0104c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  605.521942][T22670] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459829
[  605.521942][T22670] RDX: 04000000000001b2 RSI: 0000000020005b40 RDI: 0000000000000004
[  605.521942][T22670] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  605.521942][T22670] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcba01056d4
[  605.521942][T22670] R13: 00000000004c7000 R14: 00000000004dc570 R15: 00000000ffffffff
[  605.521942][T22670] Kernel Offset: disabled
[  605.521942][T22670] Rebooting in 86400 seconds..