, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3281.671190] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3281.671202] RSP: 002b:00007f4b44f18c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3281.689376] RAX: ffffffffffffffda RBX: 00007f4b44f18c90 RCX: 0000000000457e29 [ 3281.689386] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 3281.689395] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3281.689405] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b44f196d4 [ 3281.689414] R13: 00000000004c0d61 R14: 00000000004d2bb8 R15: 0000000000000006 [ 3281.860986] *** Guest State *** 23:36:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3281.890231] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3281.948108] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3281.967071] CR3 = 0x0000000000000000 [ 3281.974031] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:36:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5451, 0x0) [ 3281.998020] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3282.016984] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3282.036568] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3282.056727] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:41 executing program 1 (fault-call:6 fault-nth:9): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3282.105658] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3282.142379] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:41 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, 0x0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, r0) [ 3282.166085] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3282.192365] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3282.254152] GDTR: limit=0x00000000, base=0x0000000000000000 23:36:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5452, 0x0) [ 3282.294840] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:36:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3282.350513] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3282.366871] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3282.410260] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3282.443037] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 23:36:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3282.474117] Interruptibility = 00000008 ActivityState = 00000000 [ 3282.509441] *** Guest State *** [ 3282.514075] *** Host State *** [ 3282.526571] RIP = 0xffffffff811b36f0 RSP = 0xffff888051ed78b8 [ 3282.537585] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3282.554712] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3282.570833] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3282.579095] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3282.590651] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3282.608260] CR0=0000000080050033 CR3=00000000a17a3000 CR4=00000000001426e0 [ 3282.617369] CR3 = 0x0000000000000000 [ 3282.624726] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3282.635322] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3282.641680] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3282.648154] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3282.661004] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3282.673546] *** Control State *** [ 3282.680655] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3282.691009] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3282.699143] EntryControls=0000d1ff ExitControls=002fefff [ 3282.714319] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3282.715484] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3282.721765] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3282.742242] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3282.749228] reason=80000021 qualification=0000000000000000 [ 3282.749313] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3282.761212] IDTVectoring: info=00000000 errcode=00000000 [ 3282.769439] TSC Offset = 0xfffff92033f3b9c5 [ 3282.773988] EPT pointer = 0x00000000a492101e [ 3282.778737] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3282.795886] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3282.815448] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(0x0, 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x8) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5460, 0x0) [ 3282.826614] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3282.858498] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3282.898400] IDTR: limit=0x00000000, base=0x0000000000000000 23:36:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3282.935039] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:36:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x9) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:42 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, 0x0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, r0) [ 3282.989252] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3283.020336] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3283.073749] Interruptibility = 00000008 ActivityState = 00000000 [ 3283.078498] *** Guest State *** [ 3283.098146] *** Host State *** [ 3283.106059] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3283.107354] RIP = 0xffffffff811b36f0 RSP = 0xffff888051d078b8 23:36:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3283.131676] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x40049409, 0x0) [ 3283.177224] CR3 = 0x0000000000000000 [ 3283.185674] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3283.195818] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3283.210254] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3283.214504] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3283.229272] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3283.242920] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3283.248464] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3283.266722] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xa) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3283.275197] CR0=0000000080050033 CR3=0000000059c31000 CR4=00000000001426f0 [ 3283.300425] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3283.314438] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3283.331796] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3283.339531] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3283.352528] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3283.360264] *** Control State *** [ 3283.371924] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3283.378256] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3283.394071] EntryControls=0000d1ff ExitControls=002fefff [ 3283.410148] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3283.429789] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3283.452986] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3283.457859] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3283.491580] reason=80000021 qualification=0000000000000000 [ 3283.506210] IDTVectoring: info=00000000 errcode=00000000 [ 3283.510329] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3283.518715] TSC Offset = 0xfffff91fd96f7ec5 [ 3283.525501] EPT pointer = 0x00000000a121f01e [ 3283.540282] IDTR: limit=0x00000000, base=0x0000000000000000 23:36:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x2, 0x0) 23:36:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3283.561486] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3283.572895] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3283.582817] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3283.619661] Interruptibility = 00000008 ActivityState = 00000000 [ 3283.640821] *** Host State *** [ 3283.657331] RIP = 0xffffffff811b36f0 RSP = 0xffff8880927678b8 [ 3283.665577] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3283.675548] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3283.706701] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3283.719965] CR0=0000000080050033 CR3=00000000a0269000 CR4=00000000001426f0 [ 3283.732776] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3283.744088] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3283.750417] *** Control State *** [ 3283.754041] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3283.760956] EntryControls=0000d1ff ExitControls=002fefff 23:36:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(0x0, 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) 23:36:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xb) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5421, 0x0) [ 3283.766632] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3283.773740] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3283.780653] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3283.787809] reason=80000021 qualification=0000000000000000 [ 3283.794315] IDTVectoring: info=00000000 errcode=00000000 [ 3283.800021] TSC Offset = 0xfffff91f98d37693 [ 3283.804518] EPT pointer = 0x000000009ec3101e 23:36:43 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, r0) 23:36:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3283.969180] *** Guest State *** [ 3283.972513] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3284.010666] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3284.044759] CR3 = 0x0000000000000000 [ 3284.051782] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:36:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 23:36:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5450, 0x0) [ 3284.085170] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3284.113130] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3284.154104] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3284.205147] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3284.237513] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3284.265170] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3284.298473] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3284.345165] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3284.369800] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3284.379327] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3284.389254] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3284.397525] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3284.405783] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3284.412363] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3284.428704] Interruptibility = 00000008 ActivityState = 00000000 [ 3284.439732] *** Host State *** [ 3284.443071] RIP = 0xffffffff811b36f0 RSP = 0xffff88805a02f8b8 [ 3284.449322] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3284.456269] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3284.464259] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3284.470427] CR0=0000000080050033 CR3=000000004f2e4000 CR4=00000000001426e0 [ 3284.477771] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3284.484627] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3284.491133] *** Control State *** [ 3284.494796] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3284.501742] EntryControls=0000d1ff ExitControls=002fefff [ 3284.507435] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3284.514604] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3284.521555] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3284.528421] reason=80000021 qualification=0000000000000000 [ 3284.534995] IDTVectoring: info=00000000 errcode=00000000 [ 3284.540699] TSC Offset = 0xfffff91f139f6f54 [ 3284.545230] EPT pointer = 0x000000007f9fb01e 23:36:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xd) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 23:36:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5451, 0x0) [ 3284.844794] *** Guest State *** 23:36:43 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, r0) 23:36:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x543]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5452, 0x0) 23:36:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) 23:36:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3284.865919] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3284.905776] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3284.945572] CR3 = 0x0000000000000000 [ 3284.965281] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3284.976528] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:36:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3285.027905] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3285.056152] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3285.073070] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3285.086131] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3285.106015] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3285.143936] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3285.186002] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3285.205893] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3285.226389] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3285.243211] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3285.255060] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3285.264977] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3285.273609] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3285.281707] Interruptibility = 00000008 ActivityState = 00000000 [ 3285.288453] *** Host State *** [ 3285.292057] RIP = 0xffffffff811b36f0 RSP = 0xffff88809108f8b8 [ 3285.299376] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3285.307279] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3285.316203] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3285.322687] CR0=0000000080050033 CR3=00000000516d0000 CR4=00000000001426f0 [ 3285.330604] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3285.338050] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3285.344644] *** Control State *** [ 3285.348938] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3285.356473] EntryControls=0000d1ff ExitControls=002fefff [ 3285.362479] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3285.370051] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3285.377859] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3285.384944] reason=80000021 qualification=0000000000000000 23:36:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 23:36:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5460, 0x0) [ 3285.391950] IDTVectoring: info=00000000 errcode=00000000 [ 3285.399278] TSC Offset = 0xfffff91ea5f931ad [ 3285.404108] EPT pointer = 0x000000004b8b401e 23:36:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x608]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x10) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:44 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, r0) 23:36:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x689]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x40049409, 0x0) 23:36:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x11) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) [ 3285.760050] *** Guest State *** [ 3285.774573] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3285.830073] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3285.876406] CR3 = 0x0000000000000000 [ 3285.890283] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3285.920542] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3285.942549] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) [ 3285.963995] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3285.989520] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.027036] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.063613] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.099959] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.122812] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.140547] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3286.154993] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3286.164653] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3286.174323] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3286.183061] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3286.190971] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3286.200400] Interruptibility = 00000008 ActivityState = 00000000 [ 3286.207536] *** Host State *** [ 3286.211383] RIP = 0xffffffff811b36f0 RSP = 0xffff8880937078b8 [ 3286.218313] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3286.225244] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3286.233844] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3286.240519] CR0=0000000080050033 CR3=000000008f087000 CR4=00000000001426f0 [ 3286.248715] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3286.256380] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3286.262943] *** Control State *** [ 3286.267497] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3286.274548] EntryControls=0000d1ff ExitControls=002fefff [ 3286.280932] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3286.289043] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3286.296380] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 23:36:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x12) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) [ 3286.303481] reason=80000021 qualification=0000000000000000 [ 3286.311248] IDTVectoring: info=00000000 errcode=00000000 [ 3286.320027] TSC Offset = 0xfffff91e38503464 [ 3286.324491] EPT pointer = 0x000000009355201e 23:36:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 23:36:45 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, 0x0) ptrace(0x4208, r0) 23:36:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 23:36:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x13) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) [ 3286.656845] *** Guest State *** [ 3286.661321] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3286.701866] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3286.720739] CR3 = 0x0000000000000000 [ 3286.725188] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3286.735259] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:36:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe80]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3286.758677] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3286.777980] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3286.811684] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.834710] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.859154] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x14) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3286.884900] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.938830] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3286.972446] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3287.005685] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3287.022082] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3287.043969] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3287.053583] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3287.071592] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3287.090616] Interruptibility = 00000008 ActivityState = 00000000 [ 3287.100202] *** Host State *** [ 3287.104242] RIP = 0xffffffff811b36f0 RSP = 0xffff88805a3178b8 [ 3287.111233] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3287.119222] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3287.129272] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3287.136329] CR0=0000000080050033 CR3=000000009b7e0000 CR4=00000000001426f0 [ 3287.143922] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3287.151601] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3287.158200] *** Control State *** [ 3287.162211] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3287.169948] EntryControls=0000d1ff ExitControls=002fefff [ 3287.176085] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3287.183580] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3287.191560] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3287.199108] reason=80000021 qualification=0000000000000000 23:36:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) 23:36:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 23:36:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x15) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3287.206076] IDTVectoring: info=00000000 errcode=00000000 [ 3287.212087] TSC Offset = 0xfffff91db80035b6 [ 3287.217376] EPT pointer = 0x000000009f83d01e [ 3287.387539] *** Guest State *** [ 3287.413245] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3287.439111] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3287.451075] CR3 = 0x0000000000000000 [ 3287.454919] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3287.463909] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3287.472924] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3287.483045] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:36:46 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, 0x0) ptrace(0x4208, r0) 23:36:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 23:36:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x16) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3287.507229] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3287.542997] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3287.609492] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3287.626237] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3287.643115] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) 23:36:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3287.654872] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3287.667608] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3287.686684] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3287.695324] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3287.735899] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3287.749971] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 23:36:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) 23:36:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x17) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3580]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3287.793251] Interruptibility = 00000008 ActivityState = 00000000 [ 3287.831263] *** Host State *** [ 3287.858356] RIP = 0xffffffff811b36f0 RSP = 0xffff8880591f78b8 [ 3287.879931] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 23:36:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) [ 3287.916350] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3287.949325] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3287.985034] CR0=0000000080050033 CR3=000000004dec8000 CR4=00000000001426e0 [ 3288.024076] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3288.054564] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3288.063039] *** Control State *** [ 3288.067850] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3288.077381] EntryControls=0000d1ff ExitControls=002fefff [ 3288.095971] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 23:36:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3288.107227] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3288.114588] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3288.121904] reason=80000021 qualification=0000000000000000 [ 3288.131252] IDTVectoring: info=00000000 errcode=00000000 [ 3288.140082] TSC Offset = 0xfffff91d3dcf9377 [ 3288.144558] EPT pointer = 0x00000000852bd01e [ 3288.281041] *** Guest State *** [ 3288.285214] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3288.295366] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3288.305246] CR3 = 0x0000000000000000 [ 3288.310380] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3288.318919] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3288.325941] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3288.333142] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3288.341934] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3288.351356] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3288.360782] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3288.369835] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3288.379110] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3288.388396] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3288.396949] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3288.415931] IDTR: limit=0x00000000, base=0x0000000000000000 23:36:47 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, 0x0) ptrace(0x4208, r0) 23:36:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) 23:36:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x18) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 23:36:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3288.429657] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3288.466141] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3288.492312] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3288.506429] Interruptibility = 00000008 ActivityState = 00000000 [ 3288.513290] *** Host State *** [ 3288.519082] RIP = 0xffffffff811b36f0 RSP = 0xffff888059b278b8 [ 3288.542160] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3288.552804] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3288.562438] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3288.569385] CR0=0000000080050033 CR3=000000007f408000 CR4=00000000001426f0 [ 3288.579867] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 23:36:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3288.595274] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 23:36:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x19) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3288.640510] *** Control State *** [ 3288.665111] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3288.695946] EntryControls=0000d1ff ExitControls=002fefff 23:36:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 23:36:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 3288.715565] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3288.725482] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3288.732170] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 23:36:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3288.803556] reason=80000021 qualification=0000000000000000 [ 3288.849742] IDTVectoring: info=00000000 errcode=00000000 [ 3288.875173] TSC Offset = 0xfffff91cc789e523 [ 3288.893508] EPT pointer = 0x000000008870b01e 23:36:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1a) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3289.181110] *** Guest State *** [ 3289.184463] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3289.201553] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3289.211798] CR3 = 0x0000000000000000 [ 3289.221863] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3289.228175] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3289.234382] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3289.249175] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3289.260720] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3289.272197] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:48 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)) ptrace(0x4208, r0) 23:36:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 23:36:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 23:36:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1b) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3289.283531] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3289.294896] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3289.353610] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3289.370976] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3289.394712] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3289.424696] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3289.443765] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3289.453893] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3289.477303] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 23:36:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1c) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3289.491872] Interruptibility = 00000008 ActivityState = 00000000 [ 3289.502761] *** Host State *** [ 3289.529478] RIP = 0xffffffff811b36f0 RSP = 0xffff88809687f8b8 [ 3289.554275] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3289.574935] FSBase=00007f5ecd08b700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3289.593585] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 23:36:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) [ 3289.609854] CR0=0000000080050033 CR3=000000007f408000 CR4=00000000001426e0 [ 3289.620009] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 23:36:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) [ 3289.656456] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3289.681412] *** Control State *** 23:36:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6488]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3289.706170] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3289.742823] EntryControls=0000d1ff ExitControls=002fefff [ 3289.769726] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3289.790991] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3289.808227] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3289.833429] reason=80000021 qualification=0000000000000000 [ 3289.853867] IDTVectoring: info=00000000 errcode=00000000 [ 3289.871515] TSC Offset = 0xfffff91c50297870 [ 3289.888723] EPT pointer = 0x000000008869a01e 23:36:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1d) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:49 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)) ptrace(0x4208, r0) 23:36:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 23:36:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) 23:36:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8035]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1e) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3290.262008] *** Guest State *** 23:36:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3290.287227] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3290.311970] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3290.330042] CR3 = 0x0000000000000000 [ 3290.334097] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:36:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 3290.360275] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3290.385198] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2) 23:36:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x26) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3290.422731] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3290.451871] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3290.490011] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3290.514811] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3290.540167] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3290.582546] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 3290.630294] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3290.689328] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3290.727469] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3290.749086] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3290.760608] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3290.770387] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3290.781616] Interruptibility = 00000008 ActivityState = 00000000 [ 3290.792174] *** Host State *** [ 3290.798807] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a41c78b8 [ 3290.805045] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3290.815150] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3290.826890] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3290.833030] CR0=0000000080050033 CR3=00000000a8f80000 CR4=00000000001426e0 [ 3290.854589] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3290.873317] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3290.888666] *** Control State *** [ 3290.895067] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3290.913556] EntryControls=0000d1ff ExitControls=002fefff [ 3290.921928] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3290.933275] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3290.942537] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3290.953310] reason=80000021 qualification=0000000000000000 [ 3290.962447] IDTVectoring: info=00000000 errcode=00000000 [ 3290.972264] TSC Offset = 0xfffff91bb2a3cdef [ 3290.979026] EPT pointer = 0x00000000a05a201e 23:36:50 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)) ptrace(0x4208, r0) 23:36:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x29) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3) 23:36:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 23:36:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8864]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3291.200215] *** Guest State *** [ 3291.203546] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3291.239316] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2e) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3291.301698] CR3 = 0x0000000000000000 23:36:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) [ 3291.325773] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3291.363901] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:36:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4) [ 3291.373886] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3291.390807] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3291.454496] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3291.495773] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3291.541084] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3291.588652] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3291.605637] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3291.625624] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3291.681558] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3291.706711] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3291.722357] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3291.741288] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3291.747962] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3291.762024] Interruptibility = 00000008 ActivityState = 00000000 [ 3291.768479] *** Host State *** [ 3291.771834] RIP = 0xffffffff811b36f0 RSP = 0xffff8880989b78b8 [ 3291.783669] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3291.790305] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3291.804334] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3291.810540] CR0=0000000080050033 CR3=0000000093bf4000 CR4=00000000001426e0 [ 3291.824251] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3291.831456] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3291.843497] *** Control State *** [ 3291.847151] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3291.854010] EntryControls=0000d1ff ExitControls=002fefff [ 3291.865217] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3291.872317] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3291.884943] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 23:36:51 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0xffffffffffffffff, r0) 23:36:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x34) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 23:36:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x5) [ 3291.891906] reason=80000021 qualification=0000000000000000 [ 3291.904173] IDTVectoring: info=00000000 errcode=00000000 [ 3291.912150] TSC Offset = 0xfffff91b3770fab8 [ 3291.922709] EPT pointer = 0x000000008e42e01e 23:36:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x36) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2) 23:36:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6) [ 3292.216280] *** Guest State *** [ 3292.224502] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3292.275770] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3292.294228] CR3 = 0x0000000000000000 [ 3292.300661] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:36:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x38) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3292.331373] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3292.364805] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3292.405843] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3292.434387] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3292.475586] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3292.508057] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3292.522217] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3292.547168] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3292.555353] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3292.564292] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3292.573458] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3292.581916] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3292.590465] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3292.602064] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3292.609900] Interruptibility = 00000008 ActivityState = 00000000 [ 3292.616509] *** Host State *** [ 3292.619836] RIP = 0xffffffff811b36f0 RSP = 0xffff888097fff8b8 [ 3292.626623] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3292.633179] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3292.641372] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3292.647916] CR0=0000000080050033 CR3=000000004dec8000 CR4=00000000001426e0 [ 3292.655053] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3292.662182] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3292.668588] *** Control State *** [ 3292.672176] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3292.679233] EntryControls=0000d1ff ExitControls=002fefff [ 3292.684814] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3292.692109] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3292.699127] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3292.706214] reason=80000021 qualification=0000000000000000 [ 3292.712678] IDTVectoring: info=00000000 errcode=00000000 [ 3292.718513] TSC Offset = 0xfffff91aa734bad7 [ 3292.722970] EPT pointer = 0x0000000083ccd01e 23:36:51 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0xffffffffffffffff, r0) 23:36:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3) 23:36:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7) 23:36:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3a) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3292.925696] *** Guest State *** [ 3292.929030] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3292.975337] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3c) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:52 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0xffffffffffffffff, r0) [ 3293.025851] CR3 = 0x0000000000000000 [ 3293.037466] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:36:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf) 23:36:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4) [ 3293.085838] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3293.105724] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3293.146062] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3293.154205] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3e) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3293.205599] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3293.232707] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3293.255486] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3293.275813] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:52 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, 0x0) [ 3293.318916] GDTR: limit=0x00000000, base=0x0000000000000000 23:36:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x5) [ 3293.377807] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:36:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x10) 23:36:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3293.432096] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3293.486048] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3293.509408] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3293.546768] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3293.565685] Interruptibility = 00000008 ActivityState = 00000000 [ 3293.590161] *** Host State *** [ 3293.606070] RIP = 0xffffffff811b36f0 RSP = 0xffff88804d2878b8 [ 3293.618338] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3293.680448] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3293.706369] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3293.712985] CR0=0000000080050033 CR3=0000000088ecc000 CR4=00000000001426e0 [ 3293.720743] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3293.727720] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3293.733782] *** Control State *** [ 3293.737813] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3293.744489] EntryControls=0000d1ff ExitControls=002fefff [ 3293.750467] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3293.757651] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3293.764386] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3293.771316] reason=80000021 qualification=0000000000000000 23:36:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x41) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6) 23:36:52 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, 0x0) 23:36:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x11) [ 3293.777934] IDTVectoring: info=00000000 errcode=00000000 [ 3293.783397] TSC Offset = 0xfffff91a458833c1 [ 3293.788000] EPT pointer = 0x00000000a4a5801e [ 3293.938852] *** Guest State *** 23:36:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8060000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3293.971727] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7) 23:36:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x4f) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:53 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000180), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000080)) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000001180)={0x0, 0x0, 0xffffffffffffc592}) ptrace(0x4208, 0x0) [ 3294.038691] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3294.095522] CR3 = 0x0000000000000000 23:36:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60) [ 3294.120034] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3294.141793] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:36:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3294.165101] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3294.206983] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3294.253628] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3294.301816] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3294.322724] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3294.346173] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3294.362534] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3294.414270] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3294.433799] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3294.446992] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3294.455479] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3294.463703] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3294.472018] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3294.481389] Interruptibility = 00000008 ActivityState = 00000000 [ 3294.488372] *** Host State *** [ 3294.492042] RIP = 0xffffffff811b36f0 RSP = 0xffff8880404078b8 [ 3294.499133] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3294.506217] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3294.514385] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3294.520788] CR0=0000000080050033 CR3=000000009ab07000 CR4=00000000001426e0 [ 3294.528665] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3294.536071] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3294.542469] *** Control State *** [ 3294.546924] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3294.554062] EntryControls=0000d1ff ExitControls=002fefff [ 3294.560400] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3294.567537] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3294.574770] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3294.582040] reason=80000021 qualification=0000000000000000 [ 3294.588934] IDTVectoring: info=00000000 errcode=00000000 [ 3294.594842] TSC Offset = 0xfffff919bb8db2fa [ 3294.600898] EPT pointer = 0x0000000050f8801e 23:36:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x64) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf) 23:36:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x300) 23:36:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3294.806603] *** Guest State *** [ 3294.823983] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x65) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3294.862148] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x500) 23:36:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x10) [ 3294.910438] CR3 = 0x0000000000000000 [ 3294.922128] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3294.959457] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3294.981824] *** Guest State *** [ 3294.986660] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3294.999360] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3295.008785] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3295.028935] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3295.055565] CR3 = 0x0000000000000000 [ 3295.061872] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.072127] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3295.113564] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.126283] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3295.149687] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3295.162583] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3295.177412] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.193692] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3295.204177] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.222575] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3295.232093] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.248214] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3295.262171] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.272725] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3295.286728] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.295200] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.310124] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3295.318545] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3295.332649] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3295.341353] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3295.355348] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3295.361988] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3295.377719] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3295.389273] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3295.401782] Interruptibility = 00000008 ActivityState = 00000000 [ 3295.408416] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3295.411263] *** Host State *** [ 3295.421709] RIP = 0xffffffff811b36f0 RSP = 0xffff88809721f8b8 [ 3295.429607] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3295.432816] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3295.450071] FSBase=00007f2883562700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3295.455039] Interruptibility = 00000008 ActivityState = 00000000 [ 3295.459137] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3295.475549] *** Host State *** [ 3295.476781] CR0=0000000080050033 CR3=000000009e80e000 CR4=00000000001426e0 [ 3295.480170] RIP = 0xffffffff811b36f0 RSP = 0xffff88805158f8b8 [ 3295.490727] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3295.500789] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3295.505480] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3295.512072] *** Control State *** [ 3295.518515] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3295.525604] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3295.525618] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3295.525635] CR0=0000000080050033 CR3=0000000099c70000 CR4=00000000001426f0 [ 3295.525666] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3295.525687] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3295.525691] *** Control State *** [ 3295.525701] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3295.525712] EntryControls=0000d1ff ExitControls=002fefff [ 3295.540098] EntryControls=0000d1ff ExitControls=002fefff [ 3295.593773] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3295.598004] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3295.604990] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3295.620249] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3295.627555] reason=80000021 qualification=0000000000000000 [ 3295.634004] IDTVectoring: info=00000000 errcode=00000000 [ 3295.635445] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3295.645584] TSC Offset = 0xfffff919467c413c [ 3295.650744] EPT pointer = 0x00000000a896901e [ 3295.665477] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3295.672076] reason=80000021 qualification=0000000000000000 [ 3295.691964] IDTVectoring: info=00000000 errcode=00000000 [ 3295.709254] TSC Offset = 0xfffff9194106624d [ 3295.713691] EPT pointer = 0x000000009f37701e 23:36:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x600) 23:36:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x66) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x11) 23:36:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43050000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3295.914476] *** Guest State *** 23:36:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60) [ 3295.962687] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x67) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3296.022626] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x700) [ 3296.074366] CR3 = 0x0000000000000000 [ 3296.090389] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3296.144503] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3296.165527] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3296.192691] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3296.231111] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.266171] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.301475] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.320975] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.341377] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.359671] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3296.379042] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3296.398538] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3296.417777] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3296.439401] *** Guest State *** [ 3296.445875] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3296.447870] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3296.461438] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3296.461449] Interruptibility = 00000008 ActivityState = 00000000 [ 3296.461453] *** Host State *** [ 3296.461465] RIP = 0xffffffff811b36f0 RSP = 0xffff88808deff8b8 [ 3296.461487] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3296.461499] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3296.461511] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3296.461525] CR0=0000000080050033 CR3=00000000a0766000 CR4=00000000001426f0 [ 3296.461539] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3296.461551] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3296.461556] *** Control State *** [ 3296.461564] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3296.461586] EntryControls=0000d1ff ExitControls=002fefff [ 3296.461599] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3296.461608] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3296.461617] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3296.461624] reason=80000021 qualification=0000000000000000 [ 3296.461632] IDTVectoring: info=00000000 errcode=00000000 [ 3296.461637] TSC Offset = 0xfffff918acd9b34e [ 3296.461646] EPT pointer = 0x00000000835d601e 23:36:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e0000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x300) 23:36:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6e) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf00) [ 3296.514717] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3296.543446] CR3 = 0x0000000000000000 [ 3296.602866] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3296.662596] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3296.699068] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:36:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80350000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3296.736540] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3296.771683] *** Guest State *** [ 3296.775019] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x300) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3296.802397] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.840812] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1100) [ 3296.853084] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3296.867652] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.882074] CR3 = 0x0000000000000000 [ 3296.895755] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.907948] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3296.915613] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3296.922568] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3296.929629] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3296.938042] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3296.946380] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.959170] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3296.986899] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3297.015730] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3297.036810] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:36:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3e8) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x500) [ 3297.062003] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3297.115229] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3297.124931] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3297.133447] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3297.156087] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3297.171584] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3297.189798] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3297.196508] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3297.222515] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3297.230414] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3297.255516] Interruptibility = 00000008 ActivityState = 00000000 [ 3297.261964] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3297.273708] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3297.281306] *** Host State *** [ 3297.286990] RIP = 0xffffffff811b36f0 RSP = 0xffff8880593ef8b8 [ 3297.302571] Interruptibility = 00000008 ActivityState = 00000000 [ 3297.312538] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3297.320209] *** Host State *** [ 3297.323555] RIP = 0xffffffff811b36f0 RSP = 0xffff88804f7878b8 [ 3297.329946] FSBase=00007f2883562700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3297.343392] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3297.349995] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3297.356055] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3297.363956] CR0=0000000080050033 CR3=000000008dfea000 CR4=00000000001426f0 [ 3297.371133] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3297.377968] CR0=0000000080050033 CR3=00000000a3e54000 CR4=00000000001426f0 [ 3297.385087] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3297.392215] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3297.399030] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3297.405087] *** Control State *** [ 3297.408734] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3297.414861] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3297.421668] *** Control State *** [ 3297.425207] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3297.435189] EntryControls=0000d1ff ExitControls=002fefff [ 3297.440754] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3297.447807] EntryControls=0000d1ff ExitControls=002fefff [ 3297.453350] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3297.460454] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3297.467247] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3297.473982] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3297.480697] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3297.487402] reason=80000021 qualification=0000000000000000 [ 3297.493722] IDTVectoring: info=00000000 errcode=00000000 [ 3297.501405] reason=80000021 qualification=0000000000000000 [ 3297.508651] TSC Offset = 0xfffff9186f820973 [ 3297.512981] EPT pointer = 0x00000000909af01e [ 3297.517509] IDTVectoring: info=00000000 errcode=00000000 [ 3297.522987] TSC Offset = 0xfffff9183710af8a [ 3297.545440] EPT pointer = 0x00000000a388301e 23:36:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:36:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:36:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x480) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:36:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000) 23:36:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x600) 23:36:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88470000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3297.749117] *** Guest State *** 23:36:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x700) [ 3297.782992] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:36:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x500) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3297.839724] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:36:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00) [ 3297.893248] CR3 = 0x0000000000000000 [ 3297.906758] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3297.932872] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:36:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88480000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3297.995515] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3298.018250] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3298.040801] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3298.075307] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:36:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88640000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3298.126836] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3298.169260] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3298.209194] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3298.246133] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3298.289853] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3298.324439] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3298.345435] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3298.375472] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3298.381965] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3298.405495] Interruptibility = 00000008 ActivityState = 00000000 [ 3298.411805] *** Host State *** [ 3298.431897] RIP = 0xffffffff811b36f0 RSP = 0xffff888053caf8b8 [ 3298.438150] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3298.455480] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3298.475487] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3298.481451] CR0=0000000080050033 CR3=00000000aa387000 CR4=00000000001426e0 [ 3298.507895] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3298.514579] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3298.535442] *** Control State *** [ 3298.538905] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3298.555451] EntryControls=0000d1ff ExitControls=002fefff [ 3298.560913] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3298.585483] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3298.592173] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3298.615431] reason=80000021 qualification=0000000000000000 [ 3298.621841] IDTVectoring: info=00000000 errcode=00000000 [ 3298.633632] TSC Offset = 0xfffff917b386bff5 [ 3298.640771] EPT pointer = 0x000000005335601e [ 3299.236036] IPVS: stopping master sync thread 12091 ... [ 3299.243064] device bridge_slave_1 left promiscuous mode [ 3299.295573] bridge0: port 2(bridge_slave_1) entered disabled state [ 3299.346224] device bridge_slave_0 left promiscuous mode [ 3299.351701] bridge0: port 1(bridge_slave_0) entered disabled state [ 3299.549114] device hsr_slave_1 left promiscuous mode [ 3299.590379] device hsr_slave_0 left promiscuous mode [ 3299.649862] team0 (unregistering): Port device team_slave_1 removed [ 3299.687918] team0 (unregistering): Port device team_slave_0 removed [ 3299.728323] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 3299.792579] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 3299.981483] bond0 (unregistering): Released all slaves [ 3301.141624] IPVS: ftp: loaded support on port[0] = 21 [ 3301.321001] chnl_net:caif_netlink_parms(): no params data found [ 3301.384598] bridge0: port 1(bridge_slave_0) entered blocking state [ 3301.421267] bridge0: port 1(bridge_slave_0) entered disabled state [ 3301.442198] device bridge_slave_0 entered promiscuous mode [ 3301.450070] bridge0: port 2(bridge_slave_1) entered blocking state [ 3301.462326] bridge0: port 2(bridge_slave_1) entered disabled state [ 3301.469788] device bridge_slave_1 entered promiscuous mode [ 3301.530483] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 3301.547084] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 3301.586683] team0: Port device team_slave_0 added [ 3301.593068] team0: Port device team_slave_1 added [ 3301.673711] device hsr_slave_0 entered promiscuous mode [ 3301.725728] device hsr_slave_1 entered promiscuous mode [ 3301.774955] bridge0: port 2(bridge_slave_1) entered blocking state [ 3301.781389] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3301.788074] bridge0: port 1(bridge_slave_0) entered blocking state [ 3301.794447] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3301.894088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3301.914013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 3301.928252] bridge0: port 1(bridge_slave_0) entered disabled state [ 3301.960024] bridge0: port 2(bridge_slave_1) entered disabled state [ 3301.981453] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 3302.005734] 8021q: adding VLAN 0 to HW filter on device team0 [ 3302.023442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 3302.031663] bridge0: port 1(bridge_slave_0) entered blocking state [ 3302.038089] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3302.073084] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 3302.081121] bridge0: port 2(bridge_slave_1) entered blocking state [ 3302.087553] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3302.101385] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 3302.125158] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 3302.132910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 3302.146946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 3302.154489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 3302.169645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 3302.200226] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3302.310319] *** Guest State *** [ 3302.313770] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3302.330188] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3302.341313] CR3 = 0x0000000000000000 [ 3302.345161] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3302.356644] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3302.362861] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3302.370528] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3302.379747] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3302.388744] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3302.397545] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3302.406414] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3302.414572] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3302.423003] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3302.432173] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3302.440964] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3302.450544] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3302.459592] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3302.471597] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3302.479968] Interruptibility = 00000008 ActivityState = 00000000 [ 3302.487703] *** Host State *** [ 3302.491032] RIP = 0xffffffff811b36f0 RSP = 0xffff88804feff8b8 [ 3302.498076] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3302.505078] FSBase=00007f4658f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3302.513631] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3302.520094] CR0=0000000080050033 CR3=000000008e5f3000 CR4=00000000001426e0 [ 3302.527651] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3302.534902] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3302.541593] *** Control State *** [ 3302.546683] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3302.553683] EntryControls=0000d1ff ExitControls=002fefff [ 3302.559946] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3302.569217] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3302.578231] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3302.584827] reason=80000021 qualification=0000000000000000 [ 3302.597853] IDTVectoring: info=00000000 errcode=00000000 [ 3302.603318] TSC Offset = 0xfffff915405a97df [ 3302.610716] EPT pointer = 0x000000009966101e 23:37:01 executing program 3: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, 0x0, &(0x7f0000000100)) 23:37:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x600) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000) 23:37:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf00) 23:37:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3302.774795] *** Guest State *** [ 3302.778435] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88caffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3302.825548] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3302.862275] CR3 = 0x0000000000000000 23:37:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x700) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3302.874372] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3302.892068] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:02 executing program 3: 23:37:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1100) [ 3302.917998] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3302.947007] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000) [ 3302.990409] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3303.011471] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3303.026303] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89060000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:02 executing program 3: [ 3303.051925] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3303.079216] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x900) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3303.148288] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3303.196537] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3303.217379] IDTR: limit=0x00000000, base=0x0000000000000000 23:37:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:02 executing program 3: [ 3303.254202] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000) [ 3303.295176] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3303.338410] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3303.372970] Interruptibility = 00000008 ActivityState = 00000000 [ 3303.407369] *** Host State *** [ 3303.419461] RIP = 0xffffffff811b36f0 RSP = 0xffff8880556bf8b8 [ 3303.454820] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3303.473596] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3303.495511] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3303.502594] CR0=0000000080050033 CR3=0000000095d8b000 CR4=00000000001426f0 [ 3303.517325] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3303.524172] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3303.538730] *** Control State *** [ 3303.542305] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3303.553111] EntryControls=0000d1ff ExitControls=002fefff [ 3303.560765] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3303.571800] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3303.580927] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3303.593525] reason=80000021 qualification=0000000000000000 [ 3303.603849] IDTVectoring: info=00000000 errcode=00000000 [ 3303.613709] TSC Offset = 0xfffff91501722962 [ 3303.620087] EPT pointer = 0x00000000532e101e 23:37:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x231860) 23:37:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xa00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:02 executing program 3: 23:37:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00) 23:37:02 executing program 3: 23:37:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffa888]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000) [ 3303.854763] *** Guest State *** [ 3303.874200] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:03 executing program 3: 23:37:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xb00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) [ 3303.931401] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3303.961506] CR3 = 0x0000000000000000 [ 3303.971794] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3304.005041] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3304.029215] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3304.049185] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3304.083500] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.105154] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.143192] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.159317] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.190048] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.210643] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3304.261851] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3304.283855] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3304.304510] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3304.324506] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3304.331398] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3304.345809] Interruptibility = 00000008 ActivityState = 00000000 [ 3304.352187] *** Host State *** [ 3304.362193] RIP = 0xffffffff811b36f0 RSP = 0xffff888059a878b8 [ 3304.368591] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3304.375133] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3304.388796] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3304.394838] CR0=0000000080050033 CR3=0000000089c73000 CR4=00000000001426f0 [ 3304.404182] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3304.415009] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3304.423328] *** Control State *** [ 3304.430935] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3304.439926] EntryControls=0000d1ff ExitControls=002fefff [ 3304.449618] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3304.459040] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3304.470896] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3304.480536] reason=80000021 qualification=0000000000000000 [ 3304.491025] IDTVectoring: info=00000000 errcode=00000000 [ 3304.498782] TSC Offset = 0xfffff91470038fd4 [ 3304.503237] EPT pointer = 0x00000000a40b701e 23:37:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffca88]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000) 23:37:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x7) ioctl$TCGETS(r0, 0x8910, 0x0) 23:37:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) 23:37:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffdd86]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3304.665609] *** Guest State *** [ 3304.676869] sp0: Synchronizing with TNC [ 3304.677414] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3304.705891] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3304.735647] CR3 = 0x0000000000000000 [ 3304.744219] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3304.761012] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3304.775741] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xd00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) [ 3304.811241] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3304.844802] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.856052] sp0: Synchronizing with TNC 23:37:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 23:37:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3304.884856] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.914314] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.936740] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.961175] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3304.983734] GDTR: limit=0x00000000, base=0x0000000000000000 23:37:04 executing program 3: socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fanotify_init(0x28, 0x0) [ 3305.008242] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3305.039447] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3305.081370] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3305.113511] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3305.135216] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3305.151975] Interruptibility = 00000008 ActivityState = 00000000 [ 3305.173979] *** Host State *** [ 3305.185529] RIP = 0xffffffff811b36f0 RSP = 0xffff88809880f8b8 [ 3305.210608] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3305.218894] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3305.233129] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3305.239251] CR0=0000000080050033 CR3=0000000089f60000 CR4=00000000001426e0 [ 3305.246543] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3305.253374] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3305.259670] *** Control State *** [ 3305.263271] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3305.270539] EntryControls=0000d1ff ExitControls=002fefff [ 3305.276175] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 23:37:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) 23:37:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff8d]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) 23:37:04 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, 0x0) [ 3305.283245] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3305.290122] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3305.296904] reason=80000021 qualification=0000000000000000 [ 3305.303378] IDTVectoring: info=00000000 errcode=00000000 [ 3305.309019] TSC Offset = 0xfffff913fb67e6d7 [ 3305.313497] EPT pointer = 0x000000004fd6b01e 23:37:04 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3305.487515] *** Guest State *** [ 3305.491109] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 23:37:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3305.537499] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3305.592889] CR3 = 0x0000000000000000 [ 3305.623831] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3305.645682] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3305.665673] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) [ 3305.672395] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3305.715552] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) [ 3305.803795] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3305.864880] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3305.892989] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3305.919487] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3305.965593] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3305.992131] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3306.002767] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3306.017800] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3306.026269] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3306.032694] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3306.040370] Interruptibility = 00000008 ActivityState = 00000000 [ 3306.047650] *** Host State *** [ 3306.050865] RIP = 0xffffffff811b36f0 RSP = 0xffff888058e878b8 [ 3306.057248] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3306.063676] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3306.072075] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3306.078049] CR0=0000000080050033 CR3=0000000094ee7000 CR4=00000000001426e0 [ 3306.085254] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3306.092183] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3306.098381] *** Control State *** [ 3306.102090] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3306.109076] EntryControls=0000d1ff ExitControls=002fefff [ 3306.114553] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3306.121563] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3306.128523] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3306.135125] reason=80000021 qualification=0000000000000000 [ 3306.141657] IDTVectoring: info=00000000 errcode=00000000 [ 3306.147442] TSC Offset = 0xfffff9138a4d4ab5 [ 3306.151794] EPT pointer = 0x0000000059a0601e 23:37:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1100) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:05 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 23:37:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) 23:37:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3306.346245] *** Guest State *** [ 3306.368387] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 23:37:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1200) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3306.420547] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3306.465851] CR3 = 0x0000000000000000 [ 3306.469863] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3306.505816] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:05 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 23:37:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3306.527749] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3306.556741] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3306.595589] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3306.669532] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3306.691155] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3306.737261] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3306.771233] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3306.795870] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3306.839600] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3306.852501] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3306.864739] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3306.875597] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3306.882042] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3306.889570] Interruptibility = 00000008 ActivityState = 00000000 [ 3306.895929] *** Host State *** [ 3306.899143] RIP = 0xffffffff811b36f0 RSP = 0xffff88805049f8b8 [ 3306.905138] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3306.911633] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3306.919592] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3306.925565] CR0=0000000080050033 CR3=0000000097f24000 CR4=00000000001426f0 [ 3306.932607] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3306.939388] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3306.945525] *** Control State *** [ 3306.948999] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3306.955813] EntryControls=0000d1ff ExitControls=002fefff [ 3306.961290] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3306.968312] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3306.975019] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3306.982550] reason=80000021 qualification=0000000000000000 [ 3306.988950] IDTVectoring: info=00000000 errcode=00000000 [ 3306.994419] TSC Offset = 0xfffff91318370022 [ 3306.998886] EPT pointer = 0x0000000083e8b01e 23:37:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 23:37:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1300) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) 23:37:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3307.239099] *** Guest State *** 23:37:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) 23:37:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1400) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3307.272629] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) [ 3307.351916] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3307.385183] CR3 = 0x0000000000000000 23:37:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) wait4(0x0, 0x0, 0x80000000, 0x0) [ 3307.398764] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3307.413268] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3307.455861] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3307.483690] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3307.521692] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3307.559294] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3307.580720] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3307.615963] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3307.651484] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3307.672871] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3307.692253] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3307.701761] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3307.723060] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3307.733275] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3307.746362] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3307.754070] Interruptibility = 00000008 ActivityState = 00000000 [ 3307.766700] *** Host State *** [ 3307.770047] RIP = 0xffffffff811b36f0 RSP = 0xffff888082bff8b8 [ 3307.780363] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3307.789124] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3307.801125] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3307.809464] CR0=0000000080050033 CR3=0000000089ebc000 CR4=00000000001426e0 [ 3307.820804] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3307.828390] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3307.834590] *** Control State *** [ 3307.838552] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3307.845615] EntryControls=0000d1ff ExitControls=002fefff [ 3307.851228] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3307.858625] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3307.865791] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3307.872594] reason=80000021 qualification=0000000000000000 [ 3307.879556] IDTVectoring: info=00000000 errcode=00000000 [ 3307.885158] TSC Offset = 0xfffff9129a12b5aa [ 3307.889938] EPT pointer = 0x000000009650201e 23:37:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) 23:37:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1500) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x10000000) 23:37:07 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x10000000) [ 3308.123534] *** Guest State *** [ 3308.139769] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 23:37:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1600) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3308.206097] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3308.236290] CR3 = 0x0000000000000000 23:37:07 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) wait4(0x0, 0x0, 0x80000000, 0x0) [ 3308.255737] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3308.281708] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 23:37:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3308.307022] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3308.325698] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.363020] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.382719] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.413686] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.425816] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.492931] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.556219] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3308.575280] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.596508] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3308.616605] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3308.633336] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3308.640765] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3308.654149] Interruptibility = 00000000 ActivityState = 00000000 [ 3308.660596] *** Host State *** [ 3308.663940] RIP = 0xffffffff811b36f0 RSP = 0xffff888057f3f8b8 [ 3308.675722] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3308.683196] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3308.697208] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3308.703277] CR0=0000000080050033 CR3=00000000841ac000 CR4=00000000001426f0 [ 3308.714323] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3308.723177] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3308.733450] *** Control State *** [ 3308.739058] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3308.749769] EntryControls=0000d3ff ExitControls=002fefff [ 3308.755709] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 23:37:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1700) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 23:37:07 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x20000000) [ 3308.762793] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3308.769994] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3308.776998] reason=80000021 qualification=0000000000000000 [ 3308.783486] IDTVectoring: info=00000000 errcode=00000000 [ 3308.789577] TSC Offset = 0xfffff9122c73702c [ 3308.794046] EPT pointer = 0x000000009744f01e 23:37:08 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f000000) 23:37:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1800) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x20000000) 23:37:08 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:08 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f000000) 23:37:08 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1900) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:08 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) 23:37:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:08 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) 23:37:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1a00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:08 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60000000) 23:37:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60000000) 23:37:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1b00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60182300) 23:37:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) 23:37:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1c00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) 23:37:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) 23:37:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8035000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1d00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) 23:37:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7f4b44f19700) 23:37:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:10 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1e00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:10 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 23:37:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7f97698c8700) 23:37:10 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2600) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:10 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x97f1444b7f0000) 23:37:10 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 23:37:10 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:10 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 23:37:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2900) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:10 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8864000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:10 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x878c69977f0000) 23:37:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 23:37:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2e00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 23:37:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88caffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) 23:37:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3400) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 23:37:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3600) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) 23:37:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x0, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3800) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) 23:37:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 23:37:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x0, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:12 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffff000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3a00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) 23:37:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) 23:37:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3c00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x0, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:12 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 23:37:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 23:37:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3e00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:12 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) 23:37:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:13 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3f00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) [ 3313.950761] *** Guest State *** [ 3313.960400] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3313.999891] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 23:37:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3314.049095] CR3 = 0x0000000000000000 [ 3314.056444] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 23:37:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) [ 3314.089884] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 3314.118684] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3314.171337] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3314.188592] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:13 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x4000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3314.220156] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.276463] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.306523] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.324328] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.347446] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.374709] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.416526] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3314.445904] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.453907] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3314.489410] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3314.508481] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 3314.514920] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3314.528656] Interruptibility = 00000000 ActivityState = 00000000 [ 3314.534909] *** Host State *** [ 3314.540849] RIP = 0xffffffff811b36f0 RSP = 0xffff8880807778b8 [ 3314.551050] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3314.559805] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3314.571856] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3314.580045] CR0=0000000080050033 CR3=000000008f6e8000 CR4=00000000001426f0 [ 3314.591180] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3314.600112] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3314.610567] *** Control State *** [ 3314.614033] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3314.622939] EntryControls=0000d1ff ExitControls=002fefff [ 3314.632480] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3314.641638] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3314.652437] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 3314.661236] reason=80000021 qualification=0000000000000000 [ 3314.671824] IDTVectoring: info=00000000 errcode=00000000 [ 3314.679748] TSC Offset = 0xfffff90f17ef3ef2 [ 3314.684085] EPT pointer = 0x000000009a5bc01e 23:37:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 23:37:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) 23:37:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x4100) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:13 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3314.866631] *** Guest State *** 23:37:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x4f00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3314.901615] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3314.916210] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3314.954178] CR3 = 0x0000000000000000 23:37:14 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) 23:37:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3314.982208] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 3315.006439] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 3315.025884] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 23:37:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) [ 3315.032809] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3315.055649] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3315.084312] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.126009] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.175978] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.195852] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.231631] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.244483] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.255976] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3315.268264] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.285195] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3315.293678] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3315.358377] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 3315.364816] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3315.382251] Interruptibility = 00000000 ActivityState = 00000000 [ 3315.394526] *** Host State *** [ 3315.402833] RIP = 0xffffffff811b36f0 RSP = 0xffff8880807778b8 [ 3315.409888] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3315.421185] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3315.433061] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3315.443969] CR0=0000000080050033 CR3=0000000093bfa000 CR4=00000000001426e0 [ 3315.452158] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3315.463691] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3315.470873] *** Control State *** [ 3315.474331] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3315.487088] EntryControls=0000d1ff ExitControls=002fefff [ 3315.492556] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3315.503377] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3315.520035] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3315.527660] reason=80000021 qualification=0000000000000000 [ 3315.533986] IDTVectoring: info=00000000 errcode=00000000 [ 3315.544202] TSC Offset = 0xfffff90e87a5ae6e [ 3315.549589] EPT pointer = 0x0000000089c7601e 23:37:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6400) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00000000000000) 23:37:14 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) 23:37:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3315.760672] *** Guest State *** [ 3315.778599] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 23:37:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) 23:37:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) [ 3315.804767] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3315.816771] CR3 = 0x0000000000000000 [ 3315.836892] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 23:37:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6500) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3315.865115] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 3315.888228] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 23:37:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) [ 3315.911892] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3315.934143] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3315.961800] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.003543] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.051805] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.092650] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.105091] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.157891] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.177644] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3316.186454] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.194711] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3316.209969] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3316.220675] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 3316.232941] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3316.243096] Interruptibility = 00000000 ActivityState = 00000000 [ 3316.255141] *** Host State *** [ 3316.260299] RIP = 0xffffffff811b36f0 RSP = 0xffff88808e82f8b8 [ 3316.272092] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3316.280586] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3316.294257] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3316.301965] CR0=0000000080050033 CR3=00000000506f6000 CR4=00000000001426e0 [ 3316.318052] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3316.325080] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3316.337850] *** Control State *** [ 3316.341678] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3316.351778] EntryControls=0000d1ff ExitControls=002fefff [ 3316.361018] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3316.372733] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3316.383139] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3316.399877] reason=80000021 qualification=0000000000000000 [ 3316.408112] IDTVectoring: info=00000000 errcode=00000000 [ 3316.413702] TSC Offset = 0xfffff90e0e034d5f [ 3316.423978] EPT pointer = 0x00000000a509301e 23:37:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 23:37:15 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000000000000) 23:37:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6600) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) 23:37:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:15 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) 23:37:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6700) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00000000000000) 23:37:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 23:37:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:15 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x543]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x40000, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000240)={r3, 0x7}, &(0x7f0000000280)=0x8) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x608000) ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0], 0x1, 0x7fc558ca, 0x6f, 0x10000, 0x1, 0x7, {0x0, 0x2400000, 0x7fff, 0x1f, 0x80000001, 0x20, 0x5, 0x1ff, 0x9, 0x7fffffff, 0xfffffffffffffe01, 0x2, 0x2, 0x2, "794050b50121c412853f1d798ebfcc371025a556e7ab8adc59d9ab5b1eb0c87a"}}) 23:37:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 23:37:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6eff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) 23:37:16 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3317.094964] *** Guest State *** 23:37:16 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) [ 3317.115823] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:16 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x101000008912, &(0x7f0000000140)="0adc1f123c123f3188b070") r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_SIOCGIFCONF(r1, 0x5411, &(0x7f0000000080)=@buf) 23:37:16 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x608]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3317.168291] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3317.198241] CR3 = 0x0000000000000000 [ 3317.201982] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x8004) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:16 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000000000000) [ 3317.316531] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3317.325173] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 3317.390780] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3317.428604] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3317.455071] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3317.465569] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3317.473577] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3317.491025] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3317.518202] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3317.560575] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3317.572814] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3317.607793] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3317.616813] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3317.625577] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3317.634660] Interruptibility = 00000008 ActivityState = 00000000 [ 3317.641382] *** Host State *** [ 3317.644716] RIP = 0xffffffff811b36f0 RSP = 0xffff888091e278b8 [ 3317.656945] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3317.663505] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3317.679737] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3317.686921] CR0=0000000080050033 CR3=000000008762c000 CR4=00000000001426e0 [ 3317.694059] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3317.705474] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3317.711560] *** Control State *** [ 3317.715011] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3317.722533] EntryControls=0000d1ff ExitControls=002fefff [ 3317.728091] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3317.735020] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3317.741781] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3317.748668] reason=80000021 qualification=0000000000000000 [ 3317.754994] IDTVectoring: info=00000000 errcode=00000000 [ 3317.760517] TSC Offset = 0xfffff90d58a9f98a [ 3317.764851] EPT pointer = 0x000000009008b01e 23:37:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x402000000) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:16 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x689]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe0fe) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:16 executing program 5 (fault-call:9 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:16 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6018230000000000) 23:37:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3317.927722] FAULT_INJECTION: forcing a failure. [ 3317.927722] name failslab, interval 1, probability 0, space 0, times 0 [ 3317.965572] CPU: 0 PID: 12378 Comm: syz-executor.5 Not tainted 5.0.0-rc7+ #86 [ 3317.972854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3317.972861] Call Trace: [ 3317.972887] dump_stack+0x172/0x1f0 [ 3317.972909] should_fail.cold+0xa/0x1b [ 3317.992325] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 3317.997445] ? lock_downgrade+0x810/0x810 [ 3318.001612] ? ___might_sleep+0x163/0x280 [ 3318.005792] __should_failslab+0x121/0x190 [ 3318.010038] should_failslab+0x9/0x14 [ 3318.013847] kmem_cache_alloc+0x2b2/0x6f0 [ 3318.013864] ? trace_hardirqs_on_caller+0x6a/0x220 [ 3318.013891] mmu_topup_memory_caches+0x97/0x490 [ 3318.013911] kvm_mmu_load+0x21/0x1300 [ 3318.013932] ? vcpu_enter_guest+0x1776/0x6290 [ 3318.036190] vcpu_enter_guest+0x3d72/0x6290 [ 3318.036213] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.036235] ? emulator_read_emulated+0x50/0x50 [ 3318.036252] ? lock_acquire+0x16f/0x3f0 [ 3318.036268] ? kvm_arch_vcpu_ioctl_run+0x240/0x16e0 [ 3318.036288] kvm_arch_vcpu_ioctl_run+0x425/0x16e0 [ 3318.045370] ? kvm_arch_vcpu_ioctl_run+0x425/0x16e0 [ 3318.045397] kvm_vcpu_ioctl+0x4dc/0xfa0 [ 3318.045415] ? kvm_vcpu_block+0xcd0/0xcd0 [ 3318.045430] ? retint_kernel+0x2d/0x2d [ 3318.045444] ? trace_hardirqs_on_caller+0x6a/0x220 [ 3318.045459] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.045478] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.045498] ? retint_kernel+0x2d/0x2d [ 3318.045519] ? do_vfs_ioctl+0x105a/0x1390 [ 3318.045536] ? kvm_vcpu_block+0xcd0/0xcd0 [ 3318.107580] do_vfs_ioctl+0xd6e/0x1390 [ 3318.107625] ? ioctl_preallocate+0x210/0x210 [ 3318.107650] ? smack_file_ioctl+0x196/0x300 [ 3318.107681] ? smack_file_lock+0x240/0x240 [ 3318.107694] ? __fget+0x367/0x540 23:37:17 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3318.107713] ? iterate_fd+0x360/0x360 [ 3318.107732] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.107753] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3318.107770] ? security_file_ioctl+0x93/0xc0 [ 3318.107787] ksys_ioctl+0xab/0xd0 [ 3318.120403] __x64_sys_ioctl+0x73/0xb0 [ 3318.153957] ? do_syscall_64+0x5b/0x610 [ 3318.157940] do_syscall_64+0x103/0x610 [ 3318.161927] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3318.167130] RIP: 0033:0x457e29 [ 3318.170326] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3318.189330] RSP: 002b:00007f5ecd0abc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3318.189364] RAX: ffffffffffffffda RBX: 00007f5ecd0abc90 RCX: 0000000000457e29 [ 3318.189373] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 3318.189381] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3318.189390] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ecd0ac6d4 [ 3318.189400] R13: 00000000004c0d61 R14: 00000000004d2bb8 R15: 0000000000000007 23:37:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x200, 0x0) 23:37:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe803) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:17 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3318.363432] *** Guest State *** [ 3318.372450] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:17 executing program 5 (fault-call:9 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) 23:37:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3318.435886] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3318.444741] CR3 = 0x0000000000000000 [ 3318.444752] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3318.444767] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3318.444788] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xff6e) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3318.527321] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3318.556497] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe80]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3318.586440] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3318.627803] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3318.649588] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3318.691491] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3318.715184] GDTR: limit=0x00000000, base=0x0000000000000000 23:37:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$NBD_SET_SIZE_BLOCKS(r3, 0xab07, 0x80000000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc0000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3318.738839] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3318.760548] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3318.778810] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3318.805474] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3318.833236] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3318.845733] Interruptibility = 00000008 ActivityState = 00000000 [ 3318.862212] *** Host State *** [ 3318.871317] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a17978b8 [ 3318.890198] Unknown ioctl 43783 [ 3318.909283] FAULT_INJECTION: forcing a failure. [ 3318.909283] name failslab, interval 1, probability 0, space 0, times 0 [ 3318.921854] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3318.935605] *** Guest State *** [ 3318.936226] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3318.958261] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3318.966752] CPU: 0 PID: 12437 Comm: syz-executor.5 Not tainted 5.0.0-rc7+ #86 [ 3318.974382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3318.979276] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3318.983731] Call Trace: [ 3318.983759] dump_stack+0x172/0x1f0 [ 3318.983784] should_fail.cold+0xa/0x1b [ 3318.983805] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 3318.983832] ? lock_downgrade+0x810/0x810 [ 3318.999946] CR3 = 0x0000000000000000 [ 3319.002717] ? ___might_sleep+0x163/0x280 [ 3319.002737] __should_failslab+0x121/0x190 [ 3319.002757] should_failslab+0x9/0x14 [ 3319.002773] kmem_cache_alloc+0x2b2/0x6f0 [ 3319.002788] ? trace_hardirqs_on_caller+0x6a/0x220 [ 3319.002814] mmu_topup_memory_caches+0x97/0x490 [ 3319.010506] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3319.012037] kvm_mmu_load+0x21/0x1300 [ 3319.012062] ? kvm_cpu_has_injectable_intr+0x1a6/0x200 [ 3319.012084] vcpu_enter_guest+0x3d72/0x6290 [ 3319.012104] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3319.012125] ? emulator_read_emulated+0x50/0x50 [ 3319.020515] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3319.024214] ? lock_acquire+0x16f/0x3f0 [ 3319.024230] ? kvm_arch_vcpu_ioctl_run+0x240/0x16e0 [ 3319.024253] kvm_arch_vcpu_ioctl_run+0x425/0x16e0 [ 3319.024268] ? kvm_arch_vcpu_ioctl_run+0x425/0x16e0 [ 3319.024295] kvm_vcpu_ioctl+0x4dc/0xfa0 [ 3319.024312] ? kvm_vcpu_block+0xcd0/0xcd0 [ 3319.103989] ? retint_kernel+0x2d/0x2d [ 3319.107878] ? trace_hardirqs_on_caller+0x6a/0x220 [ 3319.112803] ? mark_held_locks+0x100/0x100 [ 3319.117043] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3319.121802] ? __fget+0x340/0x540 [ 3319.125282] ? find_held_lock+0x35/0x130 [ 3319.129354] ? __fget+0x340/0x540 [ 3319.132815] ? kvm_vcpu_block+0xcd0/0xcd0 [ 3319.136963] do_vfs_ioctl+0xd6e/0x1390 [ 3319.140851] ? ioctl_preallocate+0x210/0x210 [ 3319.145274] ? smack_file_ioctl+0x196/0x300 [ 3319.149594] ? smack_file_lock+0x240/0x240 [ 3319.153825] ? __fget+0x367/0x540 [ 3319.157279] ? iterate_fd+0x360/0x360 [ 3319.161080] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3319.166617] ? fput+0x128/0x1a0 [ 3319.169902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3319.175434] ? security_file_ioctl+0x93/0xc0 [ 3319.179840] ksys_ioctl+0xab/0xd0 [ 3319.183296] __x64_sys_ioctl+0x73/0xb0 [ 3319.187216] do_syscall_64+0x103/0x610 [ 3319.191106] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3319.196287] RIP: 0033:0x457e29 [ 3319.199475] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3319.218381] RSP: 002b:00007f5ecd0abc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3319.226099] RAX: ffffffffffffffda RBX: 00007f5ecd0abc90 RCX: 0000000000457e29 [ 3319.233367] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 3319.240652] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3319.247918] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ecd0ac6d4 [ 3319.255179] R13: 00000000004c0d61 R14: 00000000004d2bb8 R15: 0000000000000007 [ 3319.299747] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3319.335906] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3319.371558] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3319.390221] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3319.402249] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3319.413556] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3319.424966] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3319.439308] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3319.449709] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3319.462086] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3319.472502] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3319.485228] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3319.494420] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3319.510201] Interruptibility = 00000008 ActivityState = 00000000 [ 3319.519933] *** Host State *** [ 3319.523264] RIP = 0xffffffff811b36f0 RSP = 0xffff888054a678b8 [ 3319.532726] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3319.542654] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3319.553806] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3319.563117] CR0=0000000080050033 CR3=0000000096445000 CR4=00000000001426e0 [ 3319.573851] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3319.583814] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3319.598675] *** Control State *** [ 3319.602288] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3319.611394] EntryControls=0000d1ff ExitControls=002fefff [ 3319.621164] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3319.640394] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3319.649993] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3319.666290] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3319.672235] CR0=0000000080050033 CR3=0000000054ea0000 CR4=00000000001426f0 [ 3319.681480] reason=80000021 qualification=0000000000000000 [ 3319.701573] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3319.722986] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3319.724163] IDTVectoring: info=00000000 errcode=00000000 [ 3319.729407] Unknown ioctl 43783 [ 3319.741546] TSC Offset = 0xfffff90c61d685c7 [ 3319.751311] EPT pointer = 0x0000000050a3c01e [ 3319.755651] *** Control State *** [ 3319.762773] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3319.784024] EntryControls=0000d1ff ExitControls=002fefff [ 3319.801760] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3319.821146] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3319.828493] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3319.835182] reason=80000021 qualification=0000000000000000 [ 3319.847957] IDTVectoring: info=00000000 errcode=00000000 [ 3319.853518] TSC Offset = 0xfffff90ca59ad75b [ 3319.862161] EPT pointer = 0x000000005837601e 23:37:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x800, 0x0) ioctl$IMCTRLREQ(r3, 0x80044945, &(0x7f00000000c0)={0x900, 0x80000000, 0xf80000000000000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:19 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x20, 0x40) ioctl$SIOCX25SCAUSEDIAG(r3, 0x89ec, &(0x7f00000000c0)={0xffff, 0x5}) [ 3320.033052] *** Guest State *** 23:37:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x100000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3320.056781] *** Guest State *** [ 3320.057045] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3320.083977] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3320.104888] *** Guest State *** [ 3320.115235] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3320.127330] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3320.136779] CR3 = 0x0000000000000000 [ 3320.140805] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3320.154447] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3320.158918] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3320.162261] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3320.176232] CR3 = 0x0000000000000000 [ 3320.180401] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3320.187032] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3320.193973] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3320.200911] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3320.208543] CR3 = 0x0000000000000000 [ 3320.213907] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3320.222190] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.222885] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3320.237116] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.249351] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.259995] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.271926] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.284293] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3320.290652] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3580]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3320.308819] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3320.309036] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.331264] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.346457] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3320.348257] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.367724] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.376966] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.385690] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3320.386587] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.394052] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3320.413867] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.431728] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3320.439387] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.445170] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.457946] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.471853] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.473119] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3320.495883] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3320.501673] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3320.518699] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.527755] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3320.536016] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3320.542936] Interruptibility = 00000008 ActivityState = 00000000 [ 3320.549499] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3320.563181] *** Host State *** [ 3320.568246] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3320.576555] RIP = 0xffffffff811b36f0 RSP = 0xffff888054a678b8 [ 3320.582921] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3320.590930] Interruptibility = 00000000 ActivityState = 00000000 [ 3320.590936] *** Host State *** [ 3320.590949] RIP = 0xffffffff811b36f0 RSP = 0xffff8880522af8b8 [ 3320.590975] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 23:37:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3320.590989] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3320.591001] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3320.591018] CR0=0000000080050033 CR3=0000000093f0b000 CR4=00000000001426f0 [ 3320.598760] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3320.640859] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.649604] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3320.658385] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3320.660240] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3320.666725] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3320.686941] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3320.693889] CR0=0000000080050033 CR3=00000000a4293000 CR4=00000000001426f0 [ 3320.700120] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3320.712434] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3320.721492] *** Control State *** [ 3320.723618] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3320.732639] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3320.734743] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3320.755096] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3320.761076] EntryControls=0000d3ff ExitControls=002fefff [ 3320.785742] *** Control State *** [ 3320.793944] Interruptibility = 00000008 ActivityState = 00000000 [ 3320.803408] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3320.806329] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3320.824488] *** Host State *** [ 3320.832428] RIP = 0xffffffff811b36f0 RSP = 0xffff88805487f8b8 [ 3320.847473] EntryControls=0000d1ff ExitControls=002fefff [ 3320.856538] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3320.867869] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3320.883804] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3320.884586] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3320.909515] reason=80000021 qualification=0000000000000000 [ 3320.916077] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3320.924113] IDTVectoring: info=00000000 errcode=00000000 [ 3320.924489] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3320.936598] TSC Offset = 0xfffff90bc60ddb5e [ 3320.955436] EPT pointer = 0x00000000a0ef501e [ 3320.962006] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3320.969279] reason=80000021 qualification=0000000000000000 [ 3320.975465] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3320.981665] CR0=0000000080050033 CR3=000000004d23b000 CR4=00000000001426e0 [ 3320.981870] IDTVectoring: info=00000000 errcode=00000000 [ 3321.003028] TSC Offset = 0xfffff90bbf4669f2 [ 3321.007643] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3321.014709] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3321.026843] EPT pointer = 0x0000000083d0301e [ 3321.034445] *** Control State *** [ 3321.042580] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3321.052045] EntryControls=0000d1ff ExitControls=002fefff [ 3321.062202] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3321.072012] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3321.083213] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3321.092792] reason=80000021 qualification=0000000000000000 [ 3321.103942] IDTVectoring: info=00000000 errcode=00000000 [ 3321.115129] TSC Offset = 0xfffff90bc56737f0 [ 3321.125229] EPT pointer = 0x000000007f3c101e 23:37:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x8, 0x101002) getsockopt$inet_tcp_int(r3, 0x6, 0x24, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:20 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x2, 0x0) 23:37:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x400000000000000, 0x200001) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x50, r2, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6e}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000000}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x1) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 23:37:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3321.373382] *** Guest State *** [ 3321.397410] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3321.408616] *** Guest State *** [ 3321.412080] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3321.434976] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5421, 0x0) 23:37:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3321.455825] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3321.464672] CR3 = 0x0000000000000000 23:37:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3321.505972] CR3 = 0x0000000000000000 [ 3321.516550] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3321.527956] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3321.538257] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3321.555610] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3321.561848] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3321.569915] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3321.577528] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3321.595502] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3321.610924] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.632011] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.643782] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3321.675487] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.696380] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.712964] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3321.734538] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.753776] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.761358] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3321.775140] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.804714] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3321.806658] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3321.827462] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3321.840202] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3321.853035] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3321.860548] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3321.880718] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3321.887423] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3321.898230] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3321.915962] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3321.923503] Interruptibility = 00000008 ActivityState = 00000000 [ 3321.924322] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3321.937771] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3321.945511] Interruptibility = 00000008 ActivityState = 00000000 [ 3321.953679] *** Host State *** [ 3321.965540] *** Host State *** [ 3321.968562] RIP = 0xffffffff811b36f0 RSP = 0xffff888054a678b8 [ 3321.968894] RIP = 0xffffffff811b36f0 RSP = 0xffff8880582278b8 [ 3321.990416] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3322.005587] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3322.012857] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3322.014532] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3322.030754] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3322.037804] CR0=0000000080050033 CR3=000000009ac8c000 CR4=00000000001426f0 [ 3322.044977] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3322.052380] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3322.058469] CR0=0000000080050033 CR3=0000000081037000 CR4=00000000001426e0 [ 3322.066459] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3322.073302] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3322.079587] *** Control State *** [ 3322.083209] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3322.089056] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3322.090051] EntryControls=0000d1ff ExitControls=002fefff [ 3322.101598] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3322.108754] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3322.115741] *** Control State *** [ 3322.119374] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3322.126271] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3322.136032] EntryControls=0000d1ff ExitControls=002fefff [ 3322.141773] reason=80000021 qualification=0000000000000000 [ 3322.151334] IDTVectoring: info=00000000 errcode=00000000 [ 3322.157106] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3322.164158] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3322.171202] TSC Offset = 0xfffff90b09f197b6 [ 3322.185538] EPT pointer = 0x000000004ddf701e [ 3322.191011] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3322.198940] reason=80000021 qualification=0000000000000000 [ 3322.205762] IDTVectoring: info=00000000 errcode=00000000 [ 3322.211389] TSC Offset = 0xfffff90b09c66d9d [ 3322.215912] EPT pointer = 0x000000009892b01e [ 3322.244776] *** Guest State *** 23:37:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) 23:37:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5450, 0x0) 23:37:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:21 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3322.257601] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3322.271296] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3322.322304] CR3 = 0x0000000000000000 [ 3322.365885] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3322.391103] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3322.400711] *** Guest State *** [ 3322.413981] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3322.424089] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3322.446515] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3322.467872] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3322.471405] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.495619] CR3 = 0x0000000000000000 [ 3322.498280] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.507722] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3322.521249] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3322.532464] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.535529] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3322.543619] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.563978] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.565463] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3322.573972] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3322.594809] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.603172] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3322.617415] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.629737] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3322.641958] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3322.654131] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3322.662782] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.674829] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3322.684532] Interruptibility = 00000008 ActivityState = 00000000 [ 3322.694865] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.705026] *** Host State *** [ 3322.714782] RIP = 0xffffffff811b36f0 RSP = 0xffff8880582278b8 [ 3322.724969] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3322.735507] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3322.745521] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3322.747722] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3322.764974] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3322.765501] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3322.773847] CR0=0000000080050033 CR3=000000009ac8c000 CR4=00000000001426f0 [ 3322.785462] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3322.791611] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3322.801985] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3322.805475] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3322.814101] *** Control State *** [ 3322.819828] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3322.825459] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3322.832208] EntryControls=0000d1ff ExitControls=002fefff [ 3322.838746] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3322.845462] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3322.851431] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3322.853225] Interruptibility = 00000008 ActivityState = 00000000 [ 3322.860106] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3322.880077] reason=80000021 qualification=0000000000000000 [ 3322.888902] IDTVectoring: info=00000000 errcode=00000000 [ 3322.894463] TSC Offset = 0xfffff90a96eef9c4 [ 3322.895464] *** Host State *** [ 3322.902103] RIP = 0xffffffff811b36f0 RSP = 0xffff8880514578b8 [ 3322.902789] EPT pointer = 0x0000000054bb901e [ 3322.908276] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 23:37:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x9, 0x9, 0xff, 0xfff, 0x5, 0x9, 0x7, 0x1000, 0x2, 0x6, 0x100, 0x4, 0x101, 0x0, 0xfffffffffffffffb, 0xfffffffffffffffd], 0x3000, 0x100010}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6488]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5451, 0x0) 23:37:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:22 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3322.935573] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3322.955508] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3322.961499] CR0=0000000080050033 CR3=0000000081037000 CR4=00000000001426e0 [ 3322.985557] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3322.992428] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3323.029010] *** Control State *** [ 3323.036303] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3323.057925] EntryControls=0000d1ff ExitControls=002fefff [ 3323.075775] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3323.082716] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 23:37:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3323.163771] *** Guest State *** [ 3323.170674] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3323.214898] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3323.244900] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3323.275510] CR3 = 0x0000000000000000 [ 3323.279253] RSP = 0x0000000000000007 RIP = 0x0000000000008000 [ 3323.285229] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3323.301536] reason=80000021 qualification=0000000000000000 [ 3323.331558] IDTVectoring: info=00000000 errcode=00000000 [ 3323.337137] TSC Offset = 0xfffff90a7ce63ee5 [ 3323.341619] EPT pointer = 0x0000000083a5c01e [ 3323.346526] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3323.369929] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3323.392900] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.405355] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.419625] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.432252] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x800, 0x0) ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x5000000000000000, 0xf6, 0x1, 0xfff}, {0x1000, 0x8, 0xfffffffffffff8c6, 0xe2}, {0x1ff, 0x7d, 0xfffffffffffffff9, 0x18b4}, {0x1, 0x9, 0x56, 0x2}, {0x7, 0xc73, 0x1228, 0x22}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:22 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5452, 0x0) 23:37:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8035]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x8000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3323.443551] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.454881] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3323.469647] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3323.480470] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3323.501478] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3323.549996] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3323.589732] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3323.614591] Interruptibility = 00000008 ActivityState = 00000000 [ 3323.630943] *** Host State *** [ 3323.638986] RIP = 0xffffffff811b36f0 RSP = 0xffff88804f2878b8 [ 3323.639663] *** Guest State *** [ 3323.670047] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3323.679281] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3323.694653] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3323.703529] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3323.717985] CR0=0000000080050033 CR3=0000000089c2a000 CR4=00000000001426e0 [ 3323.725214] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3323.732407] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3323.749204] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3323.759982] *** Control State *** [ 3323.763648] CR3 = 0x0000000000000000 [ 3323.774019] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3323.780787] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3323.780800] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3323.780816] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3323.780829] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3323.805740] EntryControls=0000d1ff ExitControls=002fefff [ 3323.813119] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3323.815653] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.833221] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3323.845508] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.847232] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3323.865354] reason=80000021 qualification=0000000000000000 [ 3323.865688] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.885509] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.895485] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3323.911925] IDTVectoring: info=00000000 errcode=00000000 [ 3323.917562] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3323.918078] TSC Offset = 0xfffff90a193e1925 [ 3323.933336] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3323.936632] EPT pointer = 0x00000000593c401e [ 3323.941549] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3323.956331] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3323.970061] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3323.977738] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3323.985272] Interruptibility = 00000008 ActivityState = 00000000 [ 3323.997907] *** Host State *** [ 3324.001226] RIP = 0xffffffff811b36f0 RSP = 0xffff88808db578b8 [ 3324.005595] *** Guest State *** [ 3324.010049] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3324.010787] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3324.017077] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3324.035431] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3324.046829] CR0=0000000080050033 CR3=0000000052ce6000 CR4=00000000001426f0 [ 3324.054479] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3324.056610] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3324.064731] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3324.083871] *** Control State *** [ 3324.088404] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3324.095175] EntryControls=0000d1ff ExitControls=002fefff [ 3324.096600] CR3 = 0x0000000000000000 [ 3324.105590] RSP = 0x0000000000000007 RIP = 0x0000000000003000 [ 3324.112329] RFLAGS=0x00100012 DR7 = 0x0000000000000400 [ 3324.123280] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3324.131423] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3324.142925] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3324.150709] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.163501] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3324.171169] reason=80000021 qualification=0000000000000000 [ 3324.182299] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.191397] IDTVectoring: info=00000000 errcode=00000000 [ 3324.197158] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.201266] TSC Offset = 0xfffff909d16ea084 [ 3324.210602] EPT pointer = 0x000000008d0e801e [ 3324.215510] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.229965] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.244672] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.259480] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3324.269832] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.275659] *** Guest State *** [ 3324.281507] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3324.281808] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3324.304238] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.312355] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3324.335468] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3324.341033] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3324.351878] CR3 = 0x0000000000000000 [ 3324.352733] Interruptibility = 00000008 ActivityState = 00000000 [ 3324.365642] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3324.366210] *** Host State *** [ 3324.375648] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3324.381669] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3324.394866] RIP = 0xffffffff811b36f0 RSP = 0xffff888059a178b8 [ 3324.401001] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3324.401124] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.412710] FSBase=00007f9769886700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3324.423376] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3324.435601] CR0=0000000080050033 CR3=0000000089c2a000 CR4=00000000001426e0 [ 3324.442750] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3324.445559] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.454171] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3324.457878] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.464462] *** Control State *** [ 3324.482138] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3324.485463] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.489080] EntryControls=0000d3ff ExitControls=002fefff [ 3324.497120] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.506228] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3324.517569] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.530990] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3324.539000] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3324.539010] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3324.539018] reason=80000021 qualification=0000000000000000 [ 3324.539025] IDTVectoring: info=00000000 errcode=00000000 [ 3324.539035] TSC Offset = 0xfffff90a193e1925 [ 3324.551556] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.576789] EPT pointer = 0x00000000593c401e [ 3324.582203] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3324.590650] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3324.604847] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3324.611577] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3324.626501] Interruptibility = 00000008 ActivityState = 00000000 [ 3324.632823] *** Host State *** 23:37:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000}, {}, {}, {0x0, 0x4000}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:23 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x9000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x5460, 0x0) [ 3324.642158] RIP = 0xffffffff811b36f0 RSP = 0xffff88808bb9f8b8 [ 3324.648574] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3324.655069] FSBase=00007f4b44ed7700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3324.714937] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3324.732411] CR0=0000000080050033 CR3=0000000052ce6000 CR4=00000000001426e0 23:37:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3324.766195] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3324.820647] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3324.857521] *** Guest State *** [ 3324.865664] *** Control State *** [ 3324.869375] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3324.881799] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3324.895546] EntryControls=0000d3ff ExitControls=002fefff 23:37:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xa000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3324.922561] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3324.929761] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3324.939005] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3324.969216] CR3 = 0x0000000000000000 [ 3324.978819] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3324.985599] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3325.011464] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3325.025531] reason=80000021 qualification=0000000000000000 [ 3325.031957] IDTVectoring: info=00000000 errcode=00000000 [ 3325.043132] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3325.059424] TSC Offset = 0xfffff909d16ea084 [ 3325.062989] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3325.063756] EPT pointer = 0x000000008d0e801e [ 3325.087462] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x2000000000, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@known='system.sockprotoname\x00', &(0x7f0000000100)=""/13, 0xd) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000380)=0x1c) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000500)={0x7, 0x3f2, 0x5, 0xfffffffffffffffc, 0x200, 0x7, 0x6d, 0xffffffffffffffff, 0x0}, &(0x7f0000000540)=0x20) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f0000000700)={r4, 0x1}, 0x8) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000600)='/dev/vcs\x00', 0x10000, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r5, 0x8905, &(0x7f0000000640)) r6 = semget(0x1, 0x3, 0x40) semctl$GETALL(r6, 0x0, 0xd, &(0x7f0000000680)=""/29) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r7 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mixer\x00', 0x400000, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000280)=@int=0x4, 0x4) r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x200900, 0x0) ioctl$sock_inet_SIOCRTMSG(r8, 0x890d, &(0x7f00000001c0)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}, 0x8, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000180)='ipddp0\x00', 0x4, 0x1, 0x8}) setsockopt$inet6_MCAST_LEAVE_GROUP(r8, 0x29, 0x2d, &(0x7f00000002c0)={0x8, {{0xa, 0x4e21, 0x4, @empty, 0x4}}}, 0x88) fcntl$setpipe(r5, 0x407, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 23:37:24 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x40049409, 0x0) 23:37:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xb000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3325.113547] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.127543] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.138869] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.191283] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.205514] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3325.230453] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3325.264842] *** Guest State *** [ 3325.269027] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3325.294755] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3325.331692] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3325.350113] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3325.372134] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3325.380148] CR3 = 0x0000000000000000 [ 3325.384049] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3325.392025] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3325.399780] Interruptibility = 00000008 ActivityState = 00000000 [ 3325.406460] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3325.412618] *** Host State *** [ 3325.416289] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3325.423151] RIP = 0xffffffff811b36f0 RSP = 0xffff88808f6278b8 [ 3325.438169] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3325.444774] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3325.453193] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3325.461428] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.470166] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3325.476560] CR0=0000000080050033 CR3=0000000095d7e000 CR4=00000000001426e0 [ 3325.483909] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.492293] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3325.501446] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.515524] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3325.521738] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.530088] *** Control State *** [ 3325.533641] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3325.540986] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3325.549445] EntryControls=0000d1ff ExitControls=002fefff [ 3325.555011] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3325.570388] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3325.579614] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3325.587989] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3325.594775] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3325.605137] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3325.617701] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3325.626243] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3325.632822] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3325.640855] reason=80000021 qualification=0000000000000000 [ 3325.647576] Interruptibility = 00000008 ActivityState = 00000000 [ 3325.654076] *** Host State *** [ 3325.657832] IDTVectoring: info=00000000 errcode=00000000 [ 3325.663425] RIP = 0xffffffff811b36f0 RSP = 0xffff88808db578b8 [ 3325.669901] TSC Offset = 0xfffff909306118c5 [ 3325.674352] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3325.681169] EPT pointer = 0x0000000085d9401e [ 3325.685972] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 23:37:24 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x80000000007, 0x1000000040000001) ioctl$FS_IOC_FSGETXATTR(r0, 0xc00c5512, &(0x7f00000001c0)={0x2, 0xffffffffffffffff, 0x9}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x40, 0x0) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f00000000c0)=0xffffffff) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) write$P9_RMKNOD(r2, &(0x7f0000000180)={0x14, 0x13, 0x1, {0x20, 0x4, 0x8}}, 0x14) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) fsetxattr$security_selinux(r3, &(0x7f0000000100)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:audit_spool_t:s0\x00', 0x23, 0x3) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x2) 23:37:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8864]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:24 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) [ 3325.711676] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3325.723875] CR0=0000000080050033 CR3=0000000091548000 CR4=00000000001426f0 [ 3325.735574] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3325.743904] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3325.801748] *** Control State *** [ 3325.809857] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3325.851547] EntryControls=0000d1ff ExitControls=002fefff 23:37:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3325.892969] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 23:37:25 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3325.935565] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3325.946554] *** Guest State *** [ 3325.949849] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3325.973605] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3326.000324] reason=80000021 qualification=0000000000000000 [ 3326.010691] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3326.042722] IDTVectoring: info=00000000 errcode=00000000 [ 3326.063767] TSC Offset = 0xfffff908f366b8c9 [ 3326.079970] EPT pointer = 0x000000004ddf701e [ 3326.093771] CR3 = 0x0000000000000000 [ 3326.100492] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3326.107509] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3326.113703] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3326.126808] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3326.135042] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.143789] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.152251] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.175645] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.202875] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.227952] GDTR: limit=0x00000000, base=0x0000000000000000 23:37:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xd000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 23:37:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:25 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3326.248290] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3326.269272] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3326.317857] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3326.336132] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3326.355239] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3326.374508] Interruptibility = 00000008 ActivityState = 00000000 [ 3326.420045] *** Host State *** [ 3326.427069] RIP = 0xffffffff811b36f0 RSP = 0xffff88804cc378b8 [ 3326.435125] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3326.459978] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3326.475936] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3326.486495] CR0=0000000080050033 CR3=00000000a13bb000 CR4=00000000001426f0 [ 3326.503011] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3326.511133] *** Guest State *** [ 3326.517943] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3326.527376] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3326.545691] CR3 = 0x0000000000000000 [ 3326.555511] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3326.562063] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3326.573154] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3326.576424] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3326.580202] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3326.594159] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.602738] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.610975] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.619276] *** Control State *** [ 3326.622694] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.631260] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3326.639499] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3326.639659] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3326.662891] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3326.670181] EntryControls=0000d1ff ExitControls=002fefff [ 3326.671524] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3326.690533] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3326.695486] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3326.698679] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3326.730045] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3326.731104] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3326.751149] Interruptibility = 00000008 ActivityState = 00000000 [ 3326.756666] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3326.758390] *** Host State *** [ 3326.772399] RIP = 0xffffffff811b36f0 RSP = 0xffff888050b478b8 [ 3326.775854] reason=80000021 qualification=0000000000000000 [ 3326.792488] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3326.795421] IDTVectoring: info=00000000 errcode=00000000 [ 3326.799011] FSBase=00007f4b44ed7700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3326.806014] TSC Offset = 0xfffff9089abf700e [ 3326.817689] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3326.823688] CR0=0000000080050033 CR3=00000000a5041000 CR4=00000000001426f0 23:37:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/udmabuf\x00', 0x2) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 23:37:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:25 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3326.834516] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3326.836638] EPT pointer = 0x00000000945a301e [ 3326.843287] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3326.869997] *** Control State *** [ 3326.873462] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3326.942235] EntryControls=0000d1ff ExitControls=002fefff 23:37:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3326.995793] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3327.009822] *** Guest State *** [ 3327.022067] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3327.040153] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 23:37:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3327.074353] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3327.087416] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3327.108093] CR3 = 0x0000000000000000 [ 3327.117103] reason=80000021 qualification=0000000000000000 [ 3327.118783] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3327.142235] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3327.155305] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3327.169470] IDTVectoring: info=00000000 errcode=00000000 [ 3327.174928] TSC Offset = 0xfffff9084e3e73bc [ 3327.196796] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3327.224598] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3327.236162] EPT pointer = 0x00000000832ba01e [ 3327.252059] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3327.278637] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0xfffffffffffffffe, 0x3, 0x4, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:26 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) 23:37:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x10000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3327.295811] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3327.305982] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3327.313987] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3327.329810] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.442078] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3327.484148] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.515260] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3327.533269] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3327.570115] Interruptibility = 00000008 ActivityState = 00000000 [ 3327.594006] *** Host State *** [ 3327.608463] RIP = 0xffffffff811b36f0 RSP = 0xffff888059a178b8 [ 3327.614466] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3327.623738] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3327.634663] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3327.644035] CR0=0000000080050033 CR3=00000000a13bb000 CR4=00000000001426e0 [ 3327.654040] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3327.664620] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3327.673499] *** Control State *** [ 3327.679826] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3327.689649] EntryControls=0000d1ff ExitControls=002fefff [ 3327.695142] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3327.705268] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3327.715002] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 3327.724702] reason=80000021 qualification=0000000000000000 [ 3327.733878] IDTVectoring: info=00000000 errcode=00000000 [ 3327.742083] TSC Offset = 0xfffff90808fd46c1 [ 3327.751308] EPT pointer = 0x000000005a31a01e [ 3327.779099] *** Guest State *** [ 3327.782424] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3327.798134] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3327.810957] CR3 = 0x0000000000000000 [ 3327.814766] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3327.823293] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3327.835152] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3327.843938] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.857821] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.878251] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.891409] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.902512] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.915547] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.929845] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3327.939940] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.951886] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3327.961962] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3327.974049] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3327.982578] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3327.994055] Interruptibility = 00000008 ActivityState = 00000000 [ 3328.002352] *** Host State *** [ 3328.009567] RIP = 0xffffffff811b36f0 RSP = 0xffff888059a178b8 [ 3328.017631] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3328.024397] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3328.038476] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3328.044455] CR0=0000000080050033 CR3=00000000a13bb000 CR4=00000000001426f0 [ 3328.054437] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3328.064947] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3328.071408] *** Control State *** [ 3328.074949] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3328.081792] EntryControls=0000d3ff ExitControls=002fefff [ 3328.087425] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3328.094448] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3328.101238] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3328.107953] reason=80000021 qualification=0000000000000000 [ 3328.114390] IDTVectoring: info=00000000 errcode=00000000 [ 3328.119995] TSC Offset = 0xfffff90808fd46c1 [ 3328.124432] EPT pointer = 0x000000005a31a01e 23:37:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x42000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f00000000c0)={{0x2, 0x4e20, @remote}, {0x2f4afa466db5a0f, @local}, 0x70, {0x2, 0x4e20, @local}, 'bcsf0\x00'}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 23:37:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x8200, 0x0) accept$packet(r3, &(0x7f00000000c0), &(0x7f0000000100)=0x14) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3328.261039] *** Guest State *** [ 3328.281128] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3328.321102] *** Guest State *** [ 3328.324402] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3328.329780] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3328.394455] CR3 = 0x0000000000000000 [ 3328.411188] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3328.423051] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3328.429525] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x12000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) [ 3328.454030] CR3 = 0x0000000000000000 [ 3328.458176] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3328.475836] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3328.492783] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3328.525734] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3328.531871] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.540210] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3328.551009] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.575509] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3328.606851] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.607628] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.627586] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x13000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3328.676716] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.698299] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3328.702598] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.716480] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3328.725529] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.746740] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3328.751745] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.776612] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3328.784609] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3328.784622] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3328.784640] Interruptibility = 00000008 ActivityState = 00000000 [ 3328.784649] *** Host State *** [ 3328.808402] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3328.812463] RIP = 0xffffffff811b36f0 RSP = 0xffff88808f6278b8 [ 3328.829790] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3328.837723] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3328.838418] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3328.860365] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3328.865899] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3328.874399] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3328.878316] CR0=0000000080050033 CR3=0000000098560000 CR4=00000000001426f0 [ 3328.892910] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3328.915748] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3328.922249] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3328.930026] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3328.953435] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3328.958179] Interruptibility = 00000008 ActivityState = 00000000 [ 3328.976293] *** Host State *** [ 3328.977457] *** Control State *** [ 3328.979647] RIP = 0xffffffff811b36f0 RSP = 0xffff88804afd78b8 [ 3328.989063] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3328.989072] EntryControls=0000d1ff ExitControls=002fefff [ 3328.989086] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3328.989095] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3329.001222] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3329.025755] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3329.034631] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3329.054945] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3329.056183] reason=80000021 qualification=0000000000000000 [ 3329.068089] CR0=0000000080050033 CR3=00000000a13b8000 CR4=00000000001426e0 [ 3329.081756] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3329.089024] IDTVectoring: info=00000000 errcode=00000000 [ 3329.102868] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3329.106515] TSC Offset = 0xfffff9075895a843 [ 3329.110460] *** Control State *** [ 3329.117114] EPT pointer = 0x00000000a476101e [ 3329.127609] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3329.134472] EntryControls=0000d1ff ExitControls=002fefff [ 3329.161632] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3329.172115] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3329.187421] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3329.194140] reason=80000021 qualification=0000000000000000 [ 3329.214139] IDTVectoring: info=00000000 errcode=00000000 [ 3329.223904] TSC Offset = 0xfffff90755420dfe [ 3329.239680] EPT pointer = 0x00000000a889201e 23:37:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) 23:37:28 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x0, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x14000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:28 executing program 1: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x80000, 0x0) ioctl$FIGETBSZ(r0, 0x2, &(0x7f00000001c0)) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x1000) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x10000000000804, 0x1) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000140)) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x20080, 0x0) ioctl$SIOCAX25GETINFOOLD(r0, 0x89e9, &(0x7f0000000200)) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) r5 = creat(&(0x7f0000000240)='./file0\x00', 0xe) ioctl$SG_GET_ACCESS_COUNT(r5, 0x2289, &(0x7f0000000280)) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) write$cgroup_subtree(r0, &(0x7f00000002c0)={[{0x2b, 'cpu'}, {0x2f, 'io'}, {0x2b, 'memory'}, {0x2b, 'rdma'}]}, 0x17) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_S390_UCAS_MAP(r3, 0x4018ae50, &(0x7f0000000040)={0x7fffffff, 0x12}) 23:37:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffd) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r3 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0x0) keyctl$get_security(0x11, r3, &(0x7f0000000100)=""/46, 0x2e) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 23:37:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x15000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:28 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x0, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3329.553912] QAT: Invalid ioctl [ 3329.612846] QAT: Invalid ioctl 23:37:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000000)=0x3f, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=0x0) fcntl$setown(r0, 0x8, r3) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0xbfd, 0x0) ioctl$SIOCAX25CTLCON(r4, 0x89e8, &(0x7f0000000140)={@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x9, 0x7, 0x3, [@default, @null, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}) ioctl$SG_SET_COMMAND_Q(r4, 0x2271, &(0x7f00000000c0)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8060000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x16000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 23:37:29 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x0, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3329.891471] *** Guest State *** [ 3329.906041] *** Guest State *** [ 3329.914688] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3329.921145] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3329.972797] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3329.977852] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3330.007071] CR3 = 0x0000000000000000 23:37:29 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3330.018836] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3330.046437] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3330.056519] CR3 = 0x0000000000000000 [ 3330.074835] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3330.086733] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x17000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3330.095012] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3330.109943] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3330.119199] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3330.131336] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.145767] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3330.160531] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.171859] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:29 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) [ 3330.198698] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.205419] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.235629] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:29 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3330.253243] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.262498] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.285668] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3330.285834] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x18000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3330.300583] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3330.342785] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3330.368455] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3330.398692] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3330.411695] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3330.429962] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3330.443476] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3330.451218] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3330.459382] Interruptibility = 00000008 ActivityState = 00000000 [ 3330.477279] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3330.500038] *** Host State *** [ 3330.504249] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3330.504524] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a85578b8 [ 3330.525595] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3330.540979] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3330.549181] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3330.561423] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3330.569433] Interruptibility = 00000008 ActivityState = 00000000 [ 3330.581582] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3330.587617] *** Host State *** [ 3330.590826] RIP = 0xffffffff811b36f0 RSP = 0xffff888058dbf8b8 [ 3330.602454] CR0=0000000080050033 CR3=00000000a4ced000 CR4=00000000001426f0 [ 3330.610530] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3330.630322] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3330.642861] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3330.661281] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3330.671334] *** Control State *** [ 3330.674885] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3330.687544] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3330.693451] CR0=0000000080050033 CR3=0000000091548000 CR4=00000000001426e0 [ 3330.718416] EntryControls=0000d1ff ExitControls=002fefff [ 3330.738525] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3330.749374] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3330.759006] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3330.768676] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3330.779038] reason=80000021 qualification=0000000000000000 [ 3330.788906] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3330.794969] *** Control State *** [ 3330.801545] IDTVectoring: info=00000000 errcode=00000000 [ 3330.809981] TSC Offset = 0xfffff9067c07cc60 [ 3330.814379] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3330.824118] EPT pointer = 0x000000009b59401e [ 3330.831499] EntryControls=0000d1ff ExitControls=002fefff [ 3330.858349] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3330.865285] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3330.881238] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3330.890874] reason=80000021 qualification=0000000000000000 [ 3330.900593] IDTVectoring: info=00000000 errcode=00000000 23:37:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) [ 3330.909165] TSC Offset = 0xfffff90679d98666 [ 3330.913576] EPT pointer = 0x00000000945fb01e 23:37:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x48c003, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r1, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x100000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) 23:37:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) ptrace$cont(0x20, r4, 0x7ff, 0x991f) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) ioctl$ASHMEM_GET_PIN_STATUS(r5, 0x7709, 0x0) 23:37:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x19000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 23:37:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2000, 0x2) setsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f00000000c0)=0x9, 0x1) [ 3331.189916] *** Guest State *** [ 3331.193352] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1a000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 3331.240180] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3331.280352] CR3 = 0x0000000000000000 23:37:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) [ 3331.289047] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3331.302394] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3331.329806] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3331.355693] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3331.380093] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.449681] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) dup2(r0, r0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1b000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) [ 3331.490223] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.529996] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.571189] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.607775] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3331.648870] *** Guest State *** [ 3331.653618] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3331.668604] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3331.681776] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3331.693851] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3331.709595] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3331.719757] CR3 = 0x0000000000000000 [ 3331.723688] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3331.734184] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3331.742427] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3331.758164] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3331.768015] Interruptibility = 00000008 ActivityState = 00000000 [ 3331.774424] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3331.784455] *** Host State *** [ 3331.791381] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3331.802592] RIP = 0xffffffff811b36f0 RSP = 0xffff888082a9f8b8 [ 3331.811793] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.822770] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3331.832491] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3331.851584] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.864528] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3331.876485] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.892647] CR0=0000000080050033 CR3=000000008cb42000 CR4=00000000001426f0 [ 3331.902267] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.914710] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3331.923395] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3331.937562] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3331.948550] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3331.954639] *** Control State *** [ 3331.961447] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3331.978557] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3331.993763] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3332.010575] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3332.030430] EntryControls=0000d1ff ExitControls=002fefff [ 3332.041332] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3332.052765] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3332.062300] Interruptibility = 00000008 ActivityState = 00000000 [ 3332.072681] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3332.081591] *** Host State *** [ 3332.084871] RIP = 0xffffffff811b36f0 RSP = 0xffff8880939ef8b8 [ 3332.095327] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3332.103780] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3332.117536] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3332.124212] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3332.134228] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3332.143607] CR0=0000000080050033 CR3=0000000058b0c000 CR4=00000000001426e0 [ 3332.153805] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3332.168276] reason=80000021 qualification=0000000000000000 [ 3332.174606] IDTVectoring: info=00000000 errcode=00000000 [ 3332.182263] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3332.192422] *** Control State *** [ 3332.197917] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3332.204651] TSC Offset = 0xfffff905d0040804 [ 3332.212874] EPT pointer = 0x00000000846e701e [ 3332.217563] EntryControls=0000d1ff ExitControls=002fefff [ 3332.223034] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3332.223044] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3332.223054] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3332.223063] reason=80000021 qualification=0000000000000000 [ 3332.223070] IDTVectoring: info=00000000 errcode=00000000 [ 3332.223077] TSC Offset = 0xfffff90588e57607 [ 3332.223085] EPT pointer = 0x0000000082a5f01e 23:37:31 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:31 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) 23:37:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="c4e2690a95d8d7f7f948b80e000000000000000f23d80f21f835c00000300f23f866b812000f00d8c462b9de5ecb460f0666b8c4008ee846d9f23e2ef30f0766b817010f00d0360faef1", 0x4a}], 0x1, 0x4, &(0x7f0000000140), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1c000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x2000, 0x0) ioctl$SG_SET_DEBUG(r3, 0x227e, &(0x7f00000000c0)) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:31 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43050000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1d000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3332.524013] *** Guest State *** 23:37:31 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3332.565843] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 23:37:31 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3332.616020] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3332.662934] *** Guest State *** [ 3332.680605] CR3 = 0x0000000000000000 [ 3332.686157] RSP = 0x0000000000000f80 RIP = 0x0000000000008000 [ 3332.692258] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3332.720065] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3332.729766] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3332.745698] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 3332.752556] CR3 = 0x0000000000000000 [ 3332.764272] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3332.775789] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3332.799384] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:31 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e0000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1e000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3332.821725] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3332.841826] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3332.847967] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.890874] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.897734] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.914244] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80350000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3332.934998] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.955630] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.977232] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.989443] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3332.999759] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3333.011808] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3333.044044] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3333.075740] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3333.088621] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3333.091169] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3333.114868] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3333.131491] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3333.139794] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3333.141984] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 3333.168848] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3333.196225] Interruptibility = 00000008 ActivityState = 00000000 [ 3333.197226] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3333.215302] *** Host State *** [ 3333.219092] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3333.225936] RIP = 0xffffffff811b36f0 RSP = 0xffff88805a4df8b8 [ 3333.227079] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3333.244859] Interruptibility = 00000008 ActivityState = 00000000 [ 3333.252578] *** Host State *** [ 3333.253433] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3333.260737] RIP = 0xffffffff811b36f0 RSP = 0xffff8880876ff8b8 [ 3333.270632] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3333.276577] FSBase=00007f97698e9700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3333.285517] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3333.293320] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3333.312237] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3333.318391] CR0=0000000080050033 CR3=00000000979a4000 CR4=00000000001426f0 [ 3333.332213] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3333.335466] CR0=0000000080050033 CR3=0000000080e55000 CR4=00000000001426e0 [ 3333.339105] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3333.363742] *** Control State *** [ 3333.365458] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3333.367293] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 3333.374289] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3333.374294] *** Control State *** [ 3333.374304] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3333.374312] EntryControls=0000d1ff ExitControls=002fefff [ 3333.374326] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3333.374335] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3333.374355] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3333.374364] reason=80000021 qualification=0000000000000000 [ 3333.374371] IDTVectoring: info=00000000 errcode=00000000 [ 3333.374378] TSC Offset = 0xfffff905006aa3ee [ 3333.374388] EPT pointer = 0x000000009ac8c01e [ 3333.445457] EntryControls=0000d1ff ExitControls=002fefff [ 3333.450919] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3333.485457] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3333.492173] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3333.500372] reason=80000021 qualification=0000000000000000 [ 3333.529596] IDTVectoring: info=00000000 errcode=00000000 [ 3333.544380] TSC Offset = 0xfffff9051275634e [ 3333.562209] EPT pointer = 0x00000000a4f3601e 23:37:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x22402, 0x40) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1f, &(0x7f00000000c0)={@initdev, 0x0}, &(0x7f0000000100)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000140)={'vcan0\x00', r4}) 23:37:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2) 23:37:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x26000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x80040) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10003, 0xa9c6033bb6b617b4, 0x4002, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3333.792169] *** Guest State *** [ 3333.806468] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3) [ 3333.843677] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3333.876405] CR3 = 0x0000000000000000 [ 3333.877726] *** Guest State *** [ 3333.883000] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3333.887147] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3333.900040] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3333.925495] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:33 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88470000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3333.955550] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3333.962288] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3333.983019] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x29000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3334.006785] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.044902] CR3 = 0x0000000000000000 [ 3334.045594] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.060142] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3334.099446] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3334.102207] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.128367] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.136729] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4) [ 3334.157481] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3334.175934] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.190825] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3334.203479] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3334.226863] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.255559] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3334.256319] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.275742] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3334.295562] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.325502] Interruptibility = 00000008 ActivityState = 00000000 [ 3334.335539] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.355551] *** Host State *** [ 3334.358844] RIP = 0xffffffff811b36f0 RSP = 0xffff8880965cf8b8 [ 3334.364920] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.373967] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3334.380561] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3334.389791] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3334.397936] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3334.403932] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3334.412152] CR0=0000000080050033 CR3=000000008f565000 CR4=00000000001426e0 [ 3334.419322] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.427521] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3334.434275] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3334.440529] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3334.448641] *** Control State *** [ 3334.452190] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3334.459050] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.467180] EntryControls=0000d1ff ExitControls=002fefff [ 3334.472733] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3334.479445] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3334.486523] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3334.494059] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3334.500920] Interruptibility = 00000008 ActivityState = 00000000 [ 3334.507366] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3334.514037] *** Host State *** [ 3334.517372] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a85578b8 [ 3334.523453] reason=80000021 qualification=0000000000000000 [ 3334.529963] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3334.538760] IDTVectoring: info=00000000 errcode=00000000 [ 3334.544362] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3334.557702] TSC Offset = 0xfffff90464f0e4f6 [ 3334.562168] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3334.571979] EPT pointer = 0x000000008fe2101e [ 3334.576587] CR0=0000000080050033 CR3=0000000091406000 CR4=00000000001426f0 [ 3334.583695] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3334.591224] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3334.610268] *** Control State *** [ 3334.614675] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3334.621636] EntryControls=0000d1ff ExitControls=002fefff [ 3334.627751] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3334.635200] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3334.642164] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3334.663577] reason=80000021 qualification=0000000000000000 [ 3334.685485] IDTVectoring: info=00000000 errcode=00000000 [ 3334.690969] TSC Offset = 0xfffff9045c4fa34f [ 3334.695304] EPT pointer = 0x0000000089c7d01e [ 3334.745704] *** Guest State *** [ 3334.749035] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3334.775494] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3334.784378] CR3 = 0x0000000000000000 [ 3334.789423] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3334.795538] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3334.801530] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3334.808329] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.816566] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.824621] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.832748] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.840848] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.848957] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.857074] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3334.865064] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.873179] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3334.883838] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3334.891907] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3334.898407] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3334.906157] Interruptibility = 00000008 ActivityState = 00000000 [ 3334.912495] *** Host State *** [ 3334.915911] RIP = 0xffffffff811b36f0 RSP = 0xffff8880975df8b8 [ 3334.921990] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3334.928654] FSBase=00007f97698e9700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3334.936669] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3334.942677] CR0=0000000080050033 CR3=0000000091406000 CR4=00000000001426e0 [ 3334.950308] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3334.957264] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3334.963445] *** Control State *** [ 3334.967129] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3334.973917] EntryControls=0000d3ff ExitControls=002fefff [ 3334.979767] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3334.986954] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3334.993715] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3335.000728] reason=80000021 qualification=0000000000000000 [ 3335.007280] IDTVectoring: info=00000000 errcode=00000000 [ 3335.012825] TSC Offset = 0xfffff9045c4fa34f [ 3335.017401] EPT pointer = 0x0000000089c7d01e 23:37:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2000, 0x0) getpeername$netrom(r2, &(0x7f00000000c0)={{0x3, @netrom}, [@netrom, @default, @netrom, @bcast, @rose, @default, @null, @bcast]}, &(0x7f0000000140)=0x48) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) fcntl$setlease(r4, 0x400, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88480000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:34 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2e000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x5) 23:37:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3335.151933] *** Guest State *** [ 3335.155264] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88640000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3335.201516] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3335.231186] *** Guest State *** [ 3335.234532] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3335.244449] CR3 = 0x0000000000000000 23:37:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6) 23:37:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x34000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3335.256006] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3335.265586] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3335.274089] CR3 = 0x0000000000000000 [ 3335.284028] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3335.295535] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3335.305536] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3335.323725] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3335.328984] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:34 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3335.350550] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3335.368267] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3335.387296] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.415914] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.424462] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.451367] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7) [ 3335.454028] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.484272] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.529199] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.533252] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.557693] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.558982] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3335.583100] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3335.590058] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3335.613843] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3335.622921] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3335.639494] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3335.647712] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3335.647734] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3335.647746] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3335.647757] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3335.658376] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3335.693300] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3335.700426] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3335.708170] Interruptibility = 00000008 ActivityState = 00000000 [ 3335.721919] Interruptibility = 00000008 ActivityState = 00000000 [ 3335.735662] *** Host State *** [ 3335.740436] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a85578b8 [ 3335.746773] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3335.753462] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3335.761689] *** Host State *** [ 3335.763226] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3335.764908] RIP = 0xffffffff811b36f0 RSP = 0xffff88809001f8b8 [ 3335.764933] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3335.764947] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3335.764960] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3335.764977] CR0=0000000080050033 CR3=00000000a9233000 CR4=00000000001426e0 [ 3335.764992] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3335.771100] CR0=0000000080050033 CR3=000000009966a000 CR4=00000000001426f0 [ 3335.823259] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3335.830453] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3335.835906] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3335.836797] *** Control State *** [ 3335.842728] *** Control State *** [ 3335.846357] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3335.856783] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3335.863773] EntryControls=0000d1ff ExitControls=002fefff [ 3335.869499] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3335.876632] EntryControls=0000d1ff ExitControls=002fefff [ 3335.882219] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3335.889364] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3335.896474] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3335.903294] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3335.910075] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3335.919259] reason=80000021 qualification=0000000000000000 [ 3335.925795] reason=80000021 qualification=0000000000000000 [ 3335.932247] IDTVectoring: info=00000000 errcode=00000000 [ 3335.938363] IDTVectoring: info=00000000 errcode=00000000 [ 3335.943955] TSC Offset = 0xfffff903a1ea69f7 [ 3335.948507] EPT pointer = 0x000000008cad401e [ 3335.953039] TSC Offset = 0xfffff903a83263ba [ 3335.957683] EPT pointer = 0x000000008384b01e [ 3335.991759] *** Guest State *** [ 3335.995083] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3336.019816] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3336.026428] *** Guest State *** [ 3336.033670] CR3 = 0x0000000000000000 [ 3336.039549] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3336.051099] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3336.056014] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3336.058660] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3336.068743] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3336.077271] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3336.081884] CR3 = 0x0000000000000000 [ 3336.093580] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3336.099753] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3336.105938] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3336.112788] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.121086] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.129402] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3336.137567] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.145838] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.153984] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.162197] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.162300] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3336.170372] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3336.186436] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.194535] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3336.202755] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3336.210899] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.219043] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3336.219118] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3336.225676] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3336.241227] Interruptibility = 00000000 ActivityState = 00000000 [ 3336.247630] *** Host State *** [ 3336.250967] RIP = 0xffffffff811b36f0 RSP = 0xffff88809001f8b8 [ 3336.257152] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3336.261328] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3336.263689] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3336.272754] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3336.288452] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3336.294082] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.301080] CR0=0000000080050033 CR3=00000000a9233000 CR4=00000000001426e0 [ 3336.302649] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3336.318566] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3336.323749] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3336.333682] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3336.334270] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3336.346032] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3336.353755] Interruptibility = 00000008 ActivityState = 00000000 [ 3336.363994] *** Control State *** [ 3336.365902] *** Host State *** [ 3336.371029] RIP = 0xffffffff811b36f0 RSP = 0xffff8880908df8b8 [ 3336.374281] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3336.382754] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3336.393677] FSBase=00007f9769886700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3336.395406] EntryControls=0000d3ff ExitControls=002fefff [ 3336.407172] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3336.413203] CR0=0000000080050033 CR3=000000009966a000 CR4=00000000001426f0 [ 3336.415887] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3336.425744] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3336.434144] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3336.443949] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3336.446101] *** Control State *** [ 3336.454432] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3336.459686] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3336.466945] EntryControls=0000d1ff ExitControls=002fefff [ 3336.475772] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3336.480083] reason=80000021 qualification=0000000000000000 [ 3336.482702] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3336.482712] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3336.482720] reason=80000021 qualification=0000000000000000 [ 3336.482731] IDTVectoring: info=00000000 errcode=00000000 [ 3336.502502] IDTVectoring: info=00000000 errcode=00000000 [ 3336.515269] TSC Offset = 0xfffff903362f3fc7 [ 3336.524354] EPT pointer = 0x00000000937c201e 23:37:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000280000000600c3b6f4dd05bc"]) 23:37:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x36000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:35 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88caffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:35 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf) [ 3336.547517] TSC Offset = 0xfffff90334ad6778 [ 3336.559709] EPT pointer = 0x000000009fecd01e 23:37:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000000)={0x102001, 0x100000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:35 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89060000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x38000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3336.773000] *** Guest State *** [ 3336.788853] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x11) [ 3336.831270] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3336.854542] *** Guest State *** [ 3336.871426] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3336.876753] CR3 = 0x0000000000000000 23:37:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)) wait4(0x0, 0x0, 0x80000000, 0x0) 23:37:36 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3336.904960] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3336.914117] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3336.937287] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3336.970794] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3336.976490] CR3 = 0x0000000000000000 [ 3336.995740] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3337.012747] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3337.016545] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3337.026721] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3337.056162] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3a000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3337.064165] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.064185] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.088820] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.114753] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.135252] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.149691] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.167274] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.182883] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.195840] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.218355] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3337.230250] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3337.244406] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3337.253193] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3337.286597] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3337.294726] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3337.309080] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3337.320876] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3337.333383] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3337.342006] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3337.354687] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3337.364492] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3337.375316] Interruptibility = 00000008 ActivityState = 00000000 [ 3337.384068] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3337.397902] *** Host State *** [ 3337.401403] RIP = 0xffffffff811b36f0 RSP = 0xffff88809001f8b8 [ 3337.410547] Interruptibility = 00000008 ActivityState = 00000000 [ 3337.419923] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3337.433892] *** Host State *** [ 3337.440612] RIP = 0xffffffff811b36f0 RSP = 0xffff8880908df8b8 [ 3337.447066] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3337.455546] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3337.460475] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3337.468264] CR0=0000000080050033 CR3=000000004e3b1000 CR4=00000000001426f0 [ 3337.475451] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3337.475715] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3337.495440] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3337.501743] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3337.502024] CR0=0000000080050033 CR3=000000008d2f5000 CR4=00000000001426e0 [ 3337.519169] *** Control State *** [ 3337.522799] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3337.525656] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3337.536295] EntryControls=0000d1ff ExitControls=002fefff [ 3337.542576] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3337.554738] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3337.555565] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3337.585479] *** Control State *** [ 3337.587189] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3337.600319] reason=80000021 qualification=0000000000000000 [ 3337.605502] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3337.608889] IDTVectoring: info=00000000 errcode=00000000 [ 3337.613442] EntryControls=0000d1ff ExitControls=002fefff [ 3337.624468] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3337.638484] TSC Offset = 0xfffff902c3e99a1a [ 3337.643061] EPT pointer = 0x0000000086efa01e [ 3337.647836] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3337.659378] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3337.691324] reason=80000021 qualification=0000000000000000 [ 3337.711876] IDTVectoring: info=00000000 errcode=00000000 [ 3337.723164] TSC Offset = 0xfffff902ce861be6 [ 3337.734126] EPT pointer = 0x00000000a102401e 23:37:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, &(0x7f0000000000)) 23:37:36 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x0, 0x0) 23:37:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60) 23:37:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3c000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x280, 0x0) write$P9_RREADDIR(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="a6000000290100060000002003000000060000000000000000800000000000006107002e2f66696c65302802000000060000000000000005000000000000000207002e2f66696c65302000000000080000000000000001000000010000000007002e2f66696c65302002000000040000000000000006000000000000000407002e2f66696c65300002000000010000000000000041d20000000000000007002e2f66696c6530f62b680cfa1ae005dd01a4d01df0a866c4b648c6591b411e1e4900edd336f0ab868e0b1842d0631c335052461d78dd16e716bce5c1a7128fbe2b083e2ae566da56bd37f106314fe665b846fb2c3c032f2a6cefda244ef1e2f5df078a3a57c6b3af9d03aa14fbaa52504e1256370e7a6e315efc342a58a9c86d8bfb186dc3e7041aadb0179ee89cd284fd"], 0xa6) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$sock_ifreq(r3, 0x8935, &(0x7f0000000180)={'bcsh0\x00', @ifru_addrs=@sco={0x1f, {0x7, 0x5, 0x80000001, 0x4, 0x2, 0x100000000}}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:37 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffa888]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3338.026904] *** Guest State *** [ 3338.030256] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3338.059107] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:37 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x0, 0x0) [ 3338.077166] *** Guest State *** 23:37:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x300) [ 3338.105730] CR3 = 0x0000000000000000 [ 3338.114994] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3338.124369] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3338.137970] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3338.144667] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3e000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:37 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffca88]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3338.159915] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3338.170238] CR3 = 0x0000000000000000 [ 3338.174091] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3338.185181] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3338.220685] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3338.231650] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.245492] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3338.252272] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:37 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x0, 0x0) [ 3338.265680] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.274773] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.296350] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.304464] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.313883] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.334688] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.343422] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.351884] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3338.360216] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.368719] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3338.388827] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3338.397429] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3338.409318] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3338.426597] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3338.434813] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3338.447926] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3338.454649] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3338.466141] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3338.475936] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3338.491176] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3338.498157] Interruptibility = 00000008 ActivityState = 00000000 [ 3338.504548] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3338.512499] *** Host State *** [ 3338.516056] RIP = 0xffffffff811b36f0 RSP = 0xffff8880583678b8 [ 3338.522180] Interruptibility = 00000008 ActivityState = 00000000 [ 3338.535753] *** Host State *** [ 3338.539075] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3338.551869] RIP = 0xffffffff811b36f0 RSP = 0xffff8880908df8b8 [ 3338.555491] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3338.562540] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3338.578683] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3338.579161] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3338.590023] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3338.601802] CR0=0000000080050033 CR3=000000004e3b1000 CR4=00000000001426f0 [ 3338.605466] CR0=0000000080050033 CR3=00000000937e4000 CR4=00000000001426e0 [ 3338.611943] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3338.628248] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3338.628650] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3338.643350] *** Control State *** [ 3338.644005] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3338.650587] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3338.659860] *** Control State *** [ 3338.669300] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3338.677251] EntryControls=0000d1ff ExitControls=002fefff [ 3338.682807] EntryControls=0000d1ff ExitControls=002fefff [ 3338.693211] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3338.701488] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3338.713436] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3338.721401] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3338.728123] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3338.728132] reason=80000021 qualification=0000000000000000 [ 3338.728139] IDTVectoring: info=00000000 errcode=00000000 [ 3338.728146] TSC Offset = 0xfffff902162531ba [ 3338.728157] EPT pointer = 0x0000000058b0c01e [ 3338.743194] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3338.770562] reason=80000021 qualification=0000000000000000 [ 3338.779277] IDTVectoring: info=00000000 errcode=00000000 [ 3338.784825] TSC Offset = 0xfffff9022419b869 [ 3338.796641] EPT pointer = 0x00000000a509b01e 23:37:38 executing program 2: r0 = syz_open_dev$usb(&(0x7f00000009c0)='/dev/bus/usb/00#/00#\x00', 0x1, 0x80000) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f00000001c0)={{0x0, @dev={0xac, 0x14, 0x14, 0x1e}, 0x4e20, 0x0, 'ovf\x00', 0x34, 0x7ff, 0x5e}, {@multicast1, 0x4e24, 0x10000, 0x7, 0x5, 0x1ff}}, 0x44) setsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000a00)=0x7, 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xffffffffffffffff) socket$inet(0x2, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="c4a2819a0483b805000000b90b0000000f01d9b8010000000f01c1450f01f8f2450f79dd66660f3a22a90040000085c403dd0c4b873266baf80cb8a0438d82ef66bafc0c66b8a10066efd12866baa100b801000000ef", 0x56}], 0x1, 0x9, &(0x7f0000000180)=[@dstype3={0x7, 0xc}], 0x1) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 23:37:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x500) 23:37:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x3f000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x101000, 0x0) write$P9_RCLUNK(r3, &(0x7f00000000c0)={0x7, 0x79, 0x1}, 0x7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, {}, {}, {0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}, {}, {}, {}, 0x8005001f, 0x0, 0xfffffffffffffffc, 0x28, 0x0, 0x6500, 0x0, [0x4, 0x0, 0x80000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:38 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffdd86]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:38 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3339.044197] *** Guest State *** [ 3339.062801] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 23:37:38 executing program 3 (fault-call:7 fault-nth:0): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3339.133647] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3339.145682] CR3 = 0xfffffffffffffffc [ 3339.158988] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3339.180808] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x600) 23:37:38 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff8d]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3339.215738] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3339.242323] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3339.265314] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) read(r1, &(0x7f0000000140)=""/138, 0x8a) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="87f666b9800000c00f326635001000000f30f2a50f01cabaf80c66b8cc8a228566efbafc0cec0f231fb800008ee80f01f7bad10466eddc29", 0x38}], 0x1, 0x20, &(0x7f0000000100)=[@flags], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3339.315900] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000010000 23:37:38 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3339.364034] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3339.375580] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3339.383595] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) 23:37:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x700) 23:37:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x41000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3339.554269] *** Guest State *** [ 3339.563333] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3339.580518] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3339.611085] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3339.634671] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3339.651152] CR3 = 0x0000000000000000 23:37:38 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3339.670733] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3339.703015] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3339.725803] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3339.743573] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3339.755639] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3339.761999] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3339.766246] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3339.813573] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3339.844532] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3339.858675] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3339.874418] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3339.892869] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3339.902145] Interruptibility = 00000000 ActivityState = 00000000 [ 3339.916974] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3339.930352] *** Host State *** [ 3339.935824] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3339.937692] RIP = 0xffffffff811b36f0 RSP = 0xffff8880876ff8b8 [ 3339.955645] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3339.975628] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3339.979707] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3339.995711] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3340.015618] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3340.017244] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3340.030405] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3340.055605] Interruptibility = 00000008 ActivityState = 00000000 [ 3340.059954] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3340.065861] *** Host State *** [ 3340.075548] RIP = 0xffffffff811b36f0 RSP = 0xffff888089f978b8 [ 3340.092148] CR0=0000000080050033 CR3=000000004e3b1000 CR4=00000000001426e0 [ 3340.095632] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3340.110394] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3340.115612] FSBase=00007f97698e9700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3340.132889] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3340.135487] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3340.145042] CR0=0000000080050033 CR3=000000009195e000 CR4=00000000001426e0 [ 3340.151384] *** Control State *** [ 3340.165493] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3340.166646] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2 [ 3340.172252] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3340.195423] *** Control State *** [ 3340.199243] EntryControls=0000d3ff ExitControls=002fefff [ 3340.205543] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3340.225525] EntryControls=0000d1ff ExitControls=002fefff [ 3340.231112] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3340.231286] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3340.251306] VMEntry: intr_info=80000002 errcode=00000000 ilen=00000000 [ 3340.259390] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3340.265743] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3340.272966] reason=80000021 qualification=0000000000000000 [ 3340.283198] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3340.294493] reason=80000021 qualification=0000000000000000 [ 3340.305641] IDTVectoring: info=00000000 errcode=00000000 [ 3340.315688] IDTVectoring: info=00000000 errcode=00000000 [ 3340.325562] TSC Offset = 0xfffff9019776e4fa [ 3340.325829] TSC Offset = 0xfffff901580eb8be [ 3340.334433] EPT pointer = 0x0000000093bbf01e [ 3340.358860] EPT pointer = 0x000000004e3b001e 23:37:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r3 = dup2(r2, r0) ioctl$TIOCGSOFTCAR(r3, 0x5419, &(0x7f0000000000)) ioctl$VT_ACTIVATE(r3, 0x5606, 0x80000) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf00) 23:37:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x4f000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000002, 0x0) 23:37:39 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) write$uinput_user_dev(r3, &(0x7f0000000500)={'syz0\x00', {0x2, 0x3ff, 0x4, 0x7}, 0x16, [0x700, 0x1000, 0xfffffffffffffffe, 0x81, 0xfffffffffffffff9, 0xfffffffffffeffff, 0x57c, 0x1000, 0x800, 0xbe, 0x3, 0x5, 0x8000, 0x6, 0x3, 0x3, 0xad7, 0x0, 0x6e0, 0x6, 0x1, 0x0, 0x1, 0x9, 0x8, 0x1, 0x4, 0x1, 0x32, 0x3, 0x4ba, 0x90, 0x0, 0xb1, 0x5, 0x100000000, 0x2, 0x895f, 0x2, 0x6, 0xb12d, 0x100, 0x4, 0x8, 0x1, 0xfffffffffffffffd, 0x7, 0xbc0, 0x3, 0xfff, 0x3, 0x401, 0x10001, 0xb8, 0x6, 0x6850, 0x0, 0x8000, 0x3, 0x2, 0x8, 0x7, 0x0, 0x4], [0x6, 0x8, 0xffffffff, 0x2, 0x1ff, 0x1, 0x5, 0xf4, 0x9, 0x5, 0x3, 0x7fff, 0x2, 0x221c, 0xffff, 0xd1a, 0x9698, 0xffff, 0x8000000000000, 0xfffffffffffffffb, 0x7, 0x6, 0x962, 0x2, 0x7fffffff, 0xffffffffffff5e8d, 0x100000001, 0x8a, 0x350, 0x4398c620, 0x7f, 0x9, 0xff, 0x0, 0x200, 0x6, 0x6, 0x5, 0x3, 0x8, 0x247, 0x9, 0x4, 0x2, 0x4, 0xf4, 0x0, 0x0, 0x100, 0x43, 0x9, 0x3, 0x2, 0x8, 0x1ff, 0x3ff, 0x5, 0x40, 0x6, 0xffffffff80000000, 0x9, 0x1ff, 0x2, 0x200], [0xff, 0x9, 0x2, 0x10001, 0xbc36, 0x0, 0xffffffffffffff4f, 0x200, 0x7, 0x3e2, 0x101, 0x7fff, 0xffffffffffffefed, 0xf2d, 0x5, 0x7, 0xd5, 0x1, 0xb241, 0x4a79, 0x0, 0x7, 0x3ff, 0x3, 0x7, 0x3, 0x0, 0x8, 0x0, 0x2, 0x7fff, 0x0, 0x9, 0x40, 0x6, 0x8, 0x4, 0x7, 0xd34f, 0x0, 0x1000, 0x6, 0x1, 0x9, 0x0, 0x2, 0x6053, 0x2, 0x5, 0x8, 0xe48a, 0x7ff, 0x7, 0x6, 0x8, 0xfff, 0x0, 0x4, 0x2, 0x1, 0x80, 0x8001, 0x8, 0xfffffffffffffffb], [0x9, 0x200, 0xa03, 0x0, 0x6, 0x8, 0x5, 0x5, 0x9, 0x3, 0x29c9, 0x80000001, 0x4, 0x7, 0x400, 0x8001, 0xee, 0x5, 0x6b, 0x0, 0x7f, 0x8001, 0x3, 0x9525, 0x1000, 0x7fffffff, 0x8, 0x5, 0x2, 0xa8, 0x6a, 0x5, 0x7f, 0x7fffffff, 0x0, 0x8001, 0x8dd9, 0x8, 0xffff, 0x173, 0x415, 0x7, 0xf4, 0x7, 0x9, 0x5, 0x7f, 0x2000000000, 0xa8, 0xfc, 0xe60b, 0x0, 0xfffffffffffffffd, 0x7fffffff, 0x3, 0x450d, 0x1, 0xc6, 0x3, 0xffffffff80000001, 0x9, 0x6, 0x100, 0x3]}, 0x45c) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="cf00000060186ce1c1f9693716cee86da2b2aa0000000000000000e0a88a654cc21bb0bb7595d0a0a1f5168a0e044610e437b7fa773f57d404db0379f0f135b3d524fe5989e821f38f3f2cca297f9944e07bc439e42abefbc3db89a1967882363904d28d8b4af984f73d75a77144632f8df56e5d0e57f4bcf13a12dcbd5378d4523f01a77060a5a495b86667bd13ca0d0ec94be744a7d6c7ae7dd3a716ed866191b519c1f1794ad8aa7de4ad48c76d0d9a7e40efcac159b4500a1d0a65b0c6a278aa600e9e40a5b95e364854365c5cd7df7ef3"], &(0x7f00000001c0)=0xd7) openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vhost-net\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000200)={r4, 0x55e, 0x1, 0x6, 0x1ff, 0x7}, &(0x7f0000000240)=0x14) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) socket$inet_smc(0x2b, 0x1, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000280)={0x0, 0x1, 0x101, 0x1, 0x7f}) 23:37:39 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3340.647003] *** Guest State *** [ 3340.664525] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x64000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1100) [ 3340.717794] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3340.765076] CR3 = 0x0000000000000000 [ 3340.776106] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:39 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000)={0x800, 0x10001, 0x0, 0x7, 0x8001, 0x2, 0xd6}, 0xc) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r3 = socket(0x1f, 0x6, 0xe3e) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0xc000, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f00000000c0)=0x8, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000011, 0x0) [ 3340.805506] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3340.841305] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3340.854601] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3340.899122] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3340.941450] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3340.970355] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.007873] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.023494] *** Guest State *** [ 3341.035892] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3341.044850] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.070897] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3341.085673] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3341.094668] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3341.103049] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3341.111473] CR3 = 0x0000000000000000 [ 3341.115305] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3341.121741] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3341.130119] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3341.136491] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3341.143276] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3341.150909] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3341.159236] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3341.167084] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.175243] Interruptibility = 00000008 ActivityState = 00000000 [ 3341.181869] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.190255] *** Host State *** [ 3341.193539] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a85578b8 [ 3341.199965] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.208361] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3341.214854] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3341.223015] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.231381] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3341.239720] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3341.245977] CR0=0000000080050033 CR3=00000000876a3000 CR4=00000000001426e0 [ 3341.253123] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3341.261472] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3341.268532] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3341.276872] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3341.283045] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3341.291403] *** Control State *** [ 3341.294956] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3341.301996] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3341.310353] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3341.317095] EntryControls=0000d1ff ExitControls=002fefff [ 3341.322635] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3341.329925] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3341.337761] Interruptibility = 00000008 ActivityState = 00000000 [ 3341.344202] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3341.351607] *** Host State *** [ 3341.354928] RIP = 0xffffffff811b36f0 RSP = 0xffff88807fdcf8b8 [ 3341.361265] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3341.370709] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3341.377768] reason=80000021 qualification=0000000000000000 [ 3341.384095] IDTVectoring: info=00000000 errcode=00000000 [ 3341.384102] TSC Offset = 0xfffff900b8c6810c [ 3341.384112] EPT pointer = 0x000000008e1dd01e [ 3341.384234] FSBase=00007f97698e9700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3341.408515] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3341.414640] CR0=0000000080050033 CR3=00000000a3521000 CR4=00000000001426e0 [ 3341.422400] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3341.429881] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3341.436607] *** Control State *** [ 3341.440308] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3341.447846] EntryControls=0000d1ff ExitControls=002fefff [ 3341.453601] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3341.461370] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3341.468786] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3341.476046] reason=80000021 qualification=0000000000000000 [ 3341.482748] IDTVectoring: info=00000000 errcode=00000000 [ 3341.489065] TSC Offset = 0xfffff90092f023cb [ 3341.493728] EPT pointer = 0x00000000a8c2f01e 23:37:40 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000000)={0x0, 0x1}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={r3, @in={{0x2, 0x4e21}}, 0xfffffffffffffc78, 0x7}, &(0x7f00000001c0)=0x90) 23:37:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000) 23:37:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x65000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:40 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000048, 0x0) 23:37:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x202000, 0x0) bind$llc(r3, &(0x7f00000000c0)={0x1a, 0x0, 0x9, 0xad, 0x3, 0x81, @dev={[], 0x16}}, 0x10) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3341.734329] *** Guest State *** 23:37:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3341.760292] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3341.822509] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:41 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x8000004c, 0x0) [ 3341.877438] CR3 = 0x0000000000000000 [ 3341.897213] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3341.919521] *** Guest State *** 23:37:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00) [ 3341.936878] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3341.944143] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x66000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3341.982213] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3341.997573] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3342.007996] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3342.020961] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.046019] CR3 = 0x0000000000000000 [ 3342.049983] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3342.065595] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.091292] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.098668] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3342.119262] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.135563] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3342.147127] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.169395] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3342.176158] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3342.190274] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3342.229917] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.237929] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3342.237951] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3342.237964] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3342.238271] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3342.295165] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.308604] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.317813] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.325990] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3342.334080] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3342.334099] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3342.350359] Interruptibility = 00000008 ActivityState = 00000000 [ 3342.356737] *** Host State *** [ 3342.360008] RIP = 0xffffffff811b36f0 RSP = 0xffff8880587878b8 [ 3342.366155] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3342.374220] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3342.382434] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3342.390008] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3342.396575] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3342.404472] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3342.412093] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3342.418155] Interruptibility = 00000008 ActivityState = 00000000 [ 3342.424488] CR0=0000000080050033 CR3=000000009891d000 CR4=00000000001426e0 [ 3342.431649] *** Host State *** [ 3342.434929] RIP = 0xffffffff811b36f0 RSP = 0xffff888051ed78b8 [ 3342.441044] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3342.447879] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3342.454394] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3342.460595] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3342.468530] *** Control State *** [ 3342.472067] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3342.478889] EntryControls=0000d1ff ExitControls=002fefff [ 3342.484506] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3342.488444] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3342.491581] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3342.509419] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3342.515500] CR0=0000000080050033 CR3=0000000099594000 CR4=00000000001426e0 [ 3342.525481] reason=80000021 qualification=0000000000000000 [ 3342.533664] IDTVectoring: info=00000000 errcode=00000000 [ 3342.539480] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3342.546677] TSC Offset = 0xfffff9002208bd4e [ 3342.551204] EPT pointer = 0x00000000a01c901e [ 3342.555766] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3342.561921] *** Control State *** [ 3342.566231] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3342.573130] EntryControls=0000d1ff ExitControls=002fefff [ 3342.578883] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3342.586174] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3342.593080] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3342.599949] reason=80000021 qualification=0000000000000000 [ 3342.606651] IDTVectoring: info=00000000 errcode=00000000 [ 3342.612353] TSC Offset = 0xfffff9000da7ee73 [ 3342.616962] EPT pointer = 0x000000009476901e 23:37:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000000c0)=0xc) r4 = add_key(&(0x7f0000000100)='id_resolver\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)="6604f79208088526f4254bf69a33479b122a2064b9110aef3f5dbed5bad40a453ba09ca8572e34b5df1cf461cf2daa806b48ab035eee768bea37a0c86cdb20596722007f039d78189eabef68de141173d3b970371f8aa02d828d35028b25cf760ab234e723a6496fb478bcacbfe886183ec664ce555392e587ebae183499cceede536bbfe06b6e45e48fbfc516ba3eb67e0f8c86349b68ab67050f30f0d44ee4c2dab5b1661b4808b79c747d26120ebdd1602e773f041b88f9aa464032ce43846a16ded63f6f4f2c822c973001b5273733b634004997", 0xd6, 0xffffffffffffffff) keyctl$get_persistent(0x16, r3, r4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x67000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000) 23:37:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:41 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000068, 0x0) 23:37:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x807, 0xfffffffffffffffc) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3342.829390] *** Guest State *** [ 3342.832782] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3342.884547] *** Guest State *** [ 3342.895682] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6effffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000) [ 3342.927324] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3342.945522] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3342.964472] CR3 = 0x0000000000000000 [ 3342.981957] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3342.986541] CR3 = 0x0000000000000000 [ 3343.001311] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3343.010443] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x8000006c, 0x0) 23:37:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3343.035546] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3343.041678] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3343.065876] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3343.099659] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3343.108852] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3343.129957] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.145696] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.167494] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3343.199944] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.226040] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.231235] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.245607] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.278481] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.305813] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.345818] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3343.353836] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3343.362056] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3343.395998] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3343.412856] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3343.422109] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3343.436715] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3343.443229] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3343.451593] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3343.459510] Interruptibility = 00000008 ActivityState = 00000000 [ 3343.466429] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3343.474416] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3343.482738] *** Host State *** [ 3343.486262] RIP = 0xffffffff811b36f0 RSP = 0xffff88804aeb78b8 [ 3343.492392] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3343.499161] FSBase=00007f97698e9700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3343.507408] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3343.516205] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3343.522203] CR0=0000000080050033 CR3=00000000800d4000 CR4=00000000001426f0 [ 3343.529972] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3343.537853] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3343.544873] Interruptibility = 00000008 ActivityState = 00000000 [ 3343.551586] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3343.558005] *** Host State *** [ 3343.561324] RIP = 0xffffffff811b36f0 RSP = 0xffff888058bc78b8 [ 3343.567688] *** Control State *** [ 3343.571230] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3343.578331] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3343.584866] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3343.593201] EntryControls=0000d1ff ExitControls=002fefff [ 3343.599629] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3343.606936] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3343.612922] CR0=0000000080050033 CR3=000000009891d000 CR4=00000000001426e0 [ 3343.620365] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3343.627524] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3343.634316] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3343.641474] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3343.647875] reason=80000021 qualification=0000000000000000 [ 3343.657166] *** Control State *** [ 3343.660744] IDTVectoring: info=00000000 errcode=00000000 [ 3343.666755] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3343.673631] TSC Offset = 0xfffff8ff8ca13ba5 [ 3343.678440] EPT pointer = 0x000000008ef4701e [ 3343.682989] EntryControls=0000d1ff ExitControls=002fefff [ 3343.707443] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3343.716106] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3343.722923] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3343.738747] reason=80000021 qualification=0000000000000000 [ 3343.754158] IDTVectoring: info=00000000 errcode=00000000 [ 3343.768279] TSC Offset = 0xfffff8ff8482dac6 [ 3343.772873] EPT pointer = 0x0000000053d2f01e 23:37:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x2000, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000180)={0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x1c, 0x0, &(0x7f00000001c0)=[@request_death={0x400c630e, 0x2, 0x3}, @free_buffer={0x40086303, r4}], 0xb5, 0x0, &(0x7f0000000200)="49d805b1990f45b43728fad82a6175f6d02ce62144a62d4644fd04b11b9e57db5bef28a0b299743a0c6c592b262f7d0ab3da8ff4eab7cba386b64d63cbc523ebb74e99bbb88f638c13f6b80dc3607fedaa81867836e56a3416b74e7ccd79563a66716d32111837f02ef5e2fefa981e5c5ad985188d42e4db1dda081a5b4ef60a05cd47371b31fa2139986ed9bd4d3dfdd9663ca4e1ac61fa6ad2058fe168ce76dce8cfb507397d88b0d46455666a3d07b1359a0998"}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r5 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x4, 0x4801c0) r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1, 0x40) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000100)={r5, 0x7fff, 0x8, r6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) 23:37:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000074, 0x0) 23:37:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe8030000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000240)={0x3f}) uselib(&(0x7f0000000000)='./file0\x00') ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f00000000c0)=0xf004) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) getpeername(r3, &(0x7f0000000140)=@xdp={0x2c, 0x0, 0x0}, &(0x7f00000001c0)=0x80) setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000200)={@dev={0xac, 0x14, 0x14, 0x1a}, @multicast1, r4}, 0xc) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e21, @rand_addr=0x2}, 0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = syz_open_dev$adsp(&(0x7f0000000280)='/dev/adsp#\x00', 0x1, 0x8000) r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000300)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, r6, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffffffffffff654}]}, 0x38}, 0x1, 0x0, 0x0, 0xe4739da642382845}, 0x0) 23:37:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3343.954383] QAT: Invalid ioctl [ 3343.967823] *** Guest State *** [ 3343.971117] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3344.016515] *** Guest State *** [ 3344.028401] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3344.044474] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3344.061511] CR3 = 0x0000000000000000 23:37:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf0ffffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3344.065273] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3344.071426] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) [ 3344.131270] CR3 = 0x0000000000000000 [ 3344.135016] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3344.161680] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:43 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x8000007a, 0x0) [ 3344.180862] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3344.189889] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3344.221488] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3344.256872] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3344.264865] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.273360] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3344.288729] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.298074] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.330302] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.353706] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.355474] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.379318] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.409388] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.442795] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3344.465825] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.473969] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3344.489906] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3344.512611] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3344.523300] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3344.541175] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3344.549464] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3344.565463] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3344.583668] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3344.590243] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3344.598330] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3344.598353] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3344.598364] Interruptibility = 00000008 ActivityState = 00000000 [ 3344.598369] *** Host State *** [ 3344.598382] RIP = 0xffffffff811b36f0 RSP = 0xffff8880a31678b8 [ 3344.598405] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3344.598418] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3344.598430] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3344.655433] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3344.662897] Interruptibility = 00000008 ActivityState = 00000000 [ 3344.669578] CR0=0000000080050033 CR3=000000004fc6d000 CR4=00000000001426e0 [ 3344.674465] *** Host State *** [ 3344.679865] RIP = 0xffffffff811b36f0 RSP = 0xffff88809060f8b8 [ 3344.691692] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3344.698197] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3344.706039] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3344.706055] CR0=0000000080050033 CR3=000000007fbd3000 CR4=00000000001426e0 [ 3344.706072] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3344.706085] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3344.720762] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3344.743736] *** Control State *** [ 3344.747524] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3344.759994] *** Control State *** [ 3344.768985] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3344.802691] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3344.809642] EntryControls=0000d1ff ExitControls=002fefff [ 3344.821695] EntryControls=0000d1ff ExitControls=002fefff [ 3344.827479] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3344.834552] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3344.847824] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3344.855329] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3344.868802] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3344.878525] reason=80000021 qualification=0000000000000000 [ 3344.884985] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3344.895014] IDTVectoring: info=00000000 errcode=00000000 [ 3344.904257] TSC Offset = 0xfffff8feef71c6d5 [ 3344.913085] reason=80000021 qualification=0000000000000000 [ 3344.922640] EPT pointer = 0x000000005617e01e [ 3344.930540] IDTVectoring: info=00000000 errcode=00000000 [ 3344.939588] TSC Offset = 0xfffff8fef5f4c0f4 [ 3344.944207] EPT pointer = 0x000000009ad5501e 23:37:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x8200, 0x0) ioctl$VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000100)=0x100000000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000080)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x4}) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000000140)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0) syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') openat$null(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/null\x00', 0x400000, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000740)='cgroup.events\x00', 0x0, 0x0) write$UHID_GET_REPORT_REPLY(r4, 0x0, 0x87a3f1de13593b8f) stat(&(0x7f0000000800)='./file1\x00', &(0x7f0000000780)) statfs(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)=""/250) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f00000006c0)={{0xa, 0x4e24, 0x1, @ipv4={[], [], @multicast1}}, {0xa, 0x0, 0x0, @mcast1}, 0x0, [0x7, 0x4, 0x0, 0x0, 0x0, 0x80000001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lsetxattr$security_capability(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='security.capability\x00', &(0x7f0000000400)=@v2={0x2000000, [{0x3f, 0x5}, {0x0, 0x758}]}, 0x14, 0x1) syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x3, 0xc0) rmdir(&(0x7f0000000340)='./file0//ile0\x00') socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f0000000380)=0x6, 0x12f) socket$nl_generic(0x10, 0x3, 0x10) 23:37:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf2ffffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:44 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80001100, 0x0) 23:37:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 23:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x400) ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f00000000c0)={&(0x7f0000ffe000/0x1000)=nil, 0x7, 0x0, 0x4, &(0x7f0000ffc000/0x1000)=nil, 0x13e9}) ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000000100)=ANY=[@ANYBLOB="0700000000000000fbd8000000000000ffff0000000000004300000000000000040000000000000009000000000000000900000000000000810000000000000009000000000000000100008000000000810000000000000005000000000000000000000001000014ff03000000000000ff07000000000000"]) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3345.192773] *** Guest State *** [ 3345.196323] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf3ffffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3345.243246] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3345.274146] CR3 = 0x0000000000000000 23:37:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) [ 3345.305524] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3345.320757] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3345.330217] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3345.341245] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3345.390718] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:44 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x8000242b, 0x0) 23:37:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8035000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3345.454290] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3345.493894] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3345.535720] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3345.547186] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3345.581250] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3345.601644] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3345.618999] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3345.686418] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3345.705514] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3345.725526] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3345.757723] Interruptibility = 00000008 ActivityState = 00000000 [ 3345.765747] *** Host State *** [ 3345.785474] RIP = 0xffffffff811b36f0 RSP = 0xffff888058bc78b8 [ 3345.791559] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3345.815728] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3345.835468] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3345.841458] CR0=0000000080050033 CR3=000000004fc6d000 CR4=00000000001426f0 [ 3345.848939] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3345.855907] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3345.862041] *** Control State *** 23:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) io_setup(0xcc23, &(0x7f0000000000)=0x0) r4 = syz_open_dev$media(&(0x7f00000001c0)='/dev/media#\x00', 0xc3, 0x0) io_cancel(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x200, r2, &(0x7f00000000c0)="3a8a89a38716abd1ee4e97990442f302fade72d999abfff0d97fdd5f148348e404dd8d022c470a1076c82a41ac3a1ac802943415926d4179787134f338acfae360ed5bd7cd04463583cdf429e22b57ab6bdea1e4d98e2fdce21f79b13c964212eb9f51fb28bf79536eb184fd337fee4795969cea53de280a7b2c2f8b927891f366a54c2eb990c280da767ba883403f9326cadab24421bf5ea8090a2085ed3d484c9accb4e061d9bb377ba43e30ca164455fd5ca2d16a908a910deb451fbbeb5947fcb9743f80fdbe0c", 0xc9, 0xdf9, 0x0, 0x0, r4}, &(0x7f0000000240)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) 23:37:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80002b24, 0x0) [ 3345.865858] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3345.872617] EntryControls=0000d1ff ExitControls=002fefff [ 3345.878538] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3345.885807] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3345.892802] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3345.938405] reason=80000021 qualification=0000000000000000 [ 3345.966729] IDTVectoring: info=00000000 errcode=00000000 [ 3345.999001] TSC Offset = 0xfffff8fe4c31eedc [ 3346.017893] EPT pointer = 0x00000000917fa01e [ 3346.122428] *** Guest State *** [ 3346.155588] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3346.164558] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3346.198401] CR3 = 0x0000000000000000 [ 3346.202140] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3346.211751] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3346.221542] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3346.232811] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.244255] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.259970] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.270232] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.282600] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.292756] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.304940] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3346.320536] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.328801] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3346.342772] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3346.351067] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3346.363515] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3346.371250] Interruptibility = 00000008 ActivityState = 00000000 [ 3346.383448] *** Host State *** [ 3346.387734] RIP = 0xffffffff811b36f0 RSP = 0xffff88808d23f8b8 [ 3346.393726] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3346.406194] FSBase=00007f9769865700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3346.414002] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3346.424947] CR0=0000000080050033 CR3=000000004fc6d000 CR4=00000000001426f0 [ 3346.433239] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3346.444816] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3346.452132] *** Control State *** [ 3346.460958] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3346.468919] EntryControls=0000d3ff ExitControls=002fefff [ 3346.474382] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3346.487293] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3346.493980] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3346.504596] reason=80000021 qualification=0000000000000000 [ 3346.513149] IDTVectoring: info=00000000 errcode=00000000 [ 3346.523700] TSC Offset = 0xfffff8fe4c31eedc [ 3346.530516] EPT pointer = 0x00000000917fa01e 23:37:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4800) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f00000000c0)={0x5, [0x6, 0x0, 0x5, 0x75eeccaf, 0x401]}, &(0x7f0000000100)=0xe) 23:37:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfee00000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80004800, 0x0) 23:37:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 23:37:45 executing program 1: r0 = timerfd_create(0x91e70705f5f8b40c, 0x800) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x40042409, 0x1) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 3346.664169] *** Guest State *** 23:37:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3346.693966] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3346.728488] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xffff0f00) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3346.761748] CR3 = 0x0000000000000000 [ 3346.778483] *** Guest State *** [ 3346.781810] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3346.795780] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3346.805523] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3346.837067] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3346.854881] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3346.862892] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 23:37:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80004c00, 0x0) [ 3346.931351] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3346.935983] CR3 = 0x0000000000000000 [ 3346.952336] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3346.962087] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8864000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3346.977052] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3346.993663] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3346.998275] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3347.051910] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3347.060400] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.076927] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.118112] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.142137] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.144374] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.168766] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.187740] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3347.199442] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3347.209992] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3347.223395] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3347.231230] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3347.246136] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3347.250607] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3347.254267] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3347.277018] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3347.280978] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3347.283614] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3347.306398] Interruptibility = 00000008 ActivityState = 00000000 [ 3347.307068] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3347.312824] *** Host State *** [ 3347.328513] RIP = 0xffffffff811b36f0 RSP = 0xffff88804fad78b8 [ 3347.334672] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3347.339069] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3347.343230] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3347.349019] Interruptibility = 00000008 ActivityState = 00000000 [ 3347.363110] *** Host State *** [ 3347.366626] RIP = 0xffffffff811b36f0 RSP = 0xffff88809060f8b8 [ 3347.372637] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3347.372877] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3347.379382] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3347.393170] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3347.398744] CR0=0000000080050033 CR3=000000009f01c000 CR4=00000000001426e0 [ 3347.399503] CR0=0000000080050033 CR3=0000000099cb1000 CR4=00000000001426f0 [ 3347.413401] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3347.420426] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3347.430866] *** Control State *** [ 3347.444234] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3347.445732] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3347.455490] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3347.470042] EntryControls=0000d1ff ExitControls=002fefff [ 3347.476642] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3347.483873] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3347.485398] *** Control State *** [ 3347.491124] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3347.494107] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3347.501573] reason=80000021 qualification=0000000000000000 [ 3347.515913] IDTVectoring: info=00000000 errcode=00000000 [ 3347.521629] TSC Offset = 0xfffff8fd807d858d [ 3347.526577] EPT pointer = 0x0000000086f8e01e [ 3347.532520] EntryControls=0000d1ff ExitControls=002fefff [ 3347.547377] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3347.568424] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3347.589679] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3347.607418] reason=80000021 qualification=0000000000000000 [ 3347.627406] IDTVectoring: info=00000000 errcode=00000000 [ 3347.632903] TSC Offset = 0xfffff8fd74f836d2 [ 3347.637384] EPT pointer = 0x00000000533a201e 23:37:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80006800, 0x0) 23:37:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) 23:37:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x8000000000008002, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x4000, 0x0) ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f0000000100)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000080)) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r4 = dup2(r0, r3) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88caffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfffffdfd) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) openat$cgroup(r3, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) [ 3347.901598] *** Guest State *** [ 3347.912495] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) [ 3347.942356] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80006c00, 0x0) [ 3347.995601] CR3 = 0x0000000000000000 [ 3347.999472] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3348.030517] *** Guest State *** [ 3348.033970] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906000000000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3348.045285] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3348.060462] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3348.067433] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3348.086645] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3348.097964] CR3 = 0x0000000000000000 [ 3348.107746] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3348.126844] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.137301] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3348.155705] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3348.185552] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.193716] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3348.205573] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.225604] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.233740] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.241896] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.257169] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.265312] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.285492] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.293600] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3348.305703] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3348.325517] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.333650] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3348.341813] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3348.341847] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.358063] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3348.366282] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.366648] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.374419] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3348.390098] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3348.397791] Interruptibility = 00000008 ActivityState = 00000000 [ 3348.404200] *** Host State *** [ 3348.407622] RIP = 0xffffffff811b36f0 RSP = 0xffff88808baef8b8 [ 3348.413774] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3348.420423] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3348.420557] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3348.428435] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3348.440948] CR0=0000000080050033 CR3=000000007f26d000 CR4=00000000001426e0 [ 3348.448205] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3348.455044] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3348.461377] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3348.469007] *** Control State *** [ 3348.472596] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3348.479443] Interruptibility = 00000008 ActivityState = 00000000 [ 3348.485855] EntryControls=0000d1ff ExitControls=002fefff [ 3348.491454] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3348.498557] *** Host State *** [ 3348.501846] RIP = 0xffffffff811b36f0 RSP = 0xffff88808c1978b8 [ 3348.507991] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3348.514787] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3348.521547] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3348.528162] reason=80000021 qualification=0000000000000000 [ 3348.534600] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3348.542573] IDTVectoring: info=00000000 errcode=00000000 [ 3348.548213] TSC Offset = 0xfffff8fcc2e305ce [ 3348.552657] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3348.558721] EPT pointer = 0x000000008cf5601e [ 3348.563260] CR0=0000000080050033 CR3=000000009963e000 CR4=00000000001426f0 [ 3348.570565] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3348.584365] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3348.590637] *** Control State *** [ 3348.594236] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3348.601090] EntryControls=0000d1ff ExitControls=002fefff [ 3348.606755] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3348.613814] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3348.620739] *** Guest State *** [ 3348.624032] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3348.633207] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3348.640322] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3348.649358] reason=80000021 qualification=0000000000000000 [ 3348.656872] IDTVectoring: info=00000000 errcode=00000000 [ 3348.675545] CR3 = 0x0000000000000000 [ 3348.679682] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3348.686213] TSC Offset = 0xfffff8fcd8e33e38 [ 3348.690740] EPT pointer = 0x00000000961aa01e [ 3348.705814] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3348.712761] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3348.735807] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.743823] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f0000000000)={0x2, "c5ea"}, 0x3) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {0xfffffffffffffffe}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xffffff6e) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 23:37:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80007400, 0x0) [ 3348.791042] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.888061] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.923525] *** Guest State *** [ 3348.927407] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff00000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3348.957462] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3348.960131] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3348.988775] CR3 = 0x0000000000000000 [ 3348.998378] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff0) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3349.013721] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3349.034985] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3349.045829] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffff000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3349.066646] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3349.070760] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3349.083081] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3349.125607] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.134954] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3349.141195] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3349.183965] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.192528] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3349.210307] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3349.235205] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3349.242776] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3349.242796] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3349.273203] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3349.282491] Interruptibility = 00000008 ActivityState = 00000000 [ 3349.288124] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.295707] *** Host State *** [ 3349.302494] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3349.305794] RIP = 0xffffffff811b36f0 RSP = 0xffff888051ed78b8 [ 3349.311544] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0xfffffffffffffffe [ 3349.324588] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3349.329971] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3349.337952] FSBase=00007f4b44ef8700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3349.343889] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3349.353366] Interruptibility = 00000008 ActivityState = 00000000 [ 3349.354937] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3349.365662] *** Host State *** [ 3349.365677] RIP = 0xffffffff811b36f0 RSP = 0xffff888051cd78b8 [ 3349.365703] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3349.365715] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3349.379987] CR0=0000000080050033 CR3=000000007f26d000 CR4=00000000001426e0 [ 3349.386889] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3349.398243] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3349.407704] CR0=0000000080050033 CR3=000000005b73a000 CR4=00000000001426e0 [ 3349.421278] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3349.421788] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3349.434194] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3349.434304] *** Control State *** [ 3349.449521] *** Control State *** [ 3349.452991] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3349.455546] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3349.463466] EntryControls=0000d1ff ExitControls=002fefff [ 3349.472167] EntryControls=0000d3ff ExitControls=002fefff [ 3349.474125] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3349.483414] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3349.484714] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3349.500646] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3349.504605] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3349.514237] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3349.514250] reason=80000021 qualification=0000000000000000 [ 3349.533471] reason=80000021 qualification=0000000000000000 [ 3349.533757] IDTVectoring: info=00000000 errcode=00000000 [ 3349.551734] TSC Offset = 0xfffff8fc4ccfeb94 [ 3349.552381] IDTVectoring: info=00000000 errcode=00000000 [ 3349.556407] EPT pointer = 0x00000000971e901e [ 3349.572238] TSC Offset = 0xfffff8fcc2e305ce [ 3349.577671] EPT pointer = 0x000000008cf5601e 23:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x8000) ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r1, 0xc0305615, &(0x7f00000000c0)={0x0, {0x3f, 0x4}}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x20000000) 23:37:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80007a00, 0x0) [ 3349.645595] *** Guest State *** [ 3349.682159] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3349.737053] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3349.754429] *** Guest State *** [ 3349.764287] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3349.776198] CR3 = 0x0000000000000000 [ 3349.784585] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3349.792486] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3349.812647] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3349.819597] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3349.832968] CR3 = 0x0000000000000000 [ 3349.838206] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3349.844379] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.859022] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3349.872968] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.889640] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3349.901646] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.914233] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3349.922256] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.922277] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.922296] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.922310] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3349.922330] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3349.922353] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3349.936160] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3349.975421] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0xfffffffffffffffe [ 3349.985293] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3350.001816] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3350.005460] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3350.010552] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3350.025456] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3350.030010] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3350.041626] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3350.045454] Interruptibility = 00000008 ActivityState = 00000000 [ 3350.055898] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3350.064895] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3350.065447] *** Host State *** [ 3350.078725] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3350.085456] RIP = 0xffffffff811b36f0 RSP = 0xffff88808ed278b8 [ 3350.089749] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3350.092762] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3350.105738] FSBase=00007f97698a7700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3350.113623] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3350.118915] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3350.119668] CR0=0000000080050033 CR3=000000005b73a000 CR4=00000000001426f0 [ 3350.134100] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3350.141467] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3350.141654] Interruptibility = 00000008 ActivityState = 00000000 [ 3350.147704] *** Control State *** [ 3350.157481] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3350.164232] EntryControls=0000d3ff ExitControls=002fefff [ 3350.165469] *** Host State *** [ 3350.169799] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3350.174094] RIP = 0xffffffff811b36f0 RSP = 0xffff8880543878b8 [ 3350.179947] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3350.179957] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3350.179965] reason=80000021 qualification=0000000000000000 [ 3350.179973] IDTVectoring: info=00000000 errcode=00000000 [ 3350.179984] TSC Offset = 0xfffff8fc4ccfeb94 [ 3350.192321] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3350.205412] EPT pointer = 0x00000000971e901e [ 3350.211649] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3350.232390] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3350.241390] CR0=0000000080050033 CR3=0000000083d1b000 CR4=00000000001426f0 [ 3350.254470] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3350.261914] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3350.274132] *** Control State *** [ 3350.278026] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3350.284819] EntryControls=0000d1ff ExitControls=002fefff 23:37:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff2) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f000000) 23:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup2(r0, r1) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r2}, 0x10) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) write$tun(r2, &(0x7f0000000100)={@void, @val={0x3, 0x80, 0xffffffffffffff7f, 0xc0, 0xf6fe, 0x7ff}, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @dev={[], 0xe}, [{[], {0x8100, 0x100, 0x3794, 0x1}}], {@x25={0x805, {0x3, 0x7fff, 0x0, "1a662495f632f263d8adb986c771c5003b6756d00d3e92767bf139590f06730eb2686d5ba2f91b51b8b56c8a90f4b9d84cac87dedb438c963896dfde6de7db4ab052c3a75701620b9f1ccde729ea1dcd8837b26d6c23dfc69d597912813b197761dbee3e323dc3f7e6f06b4560ffeaf59398bc3be3947bb77c6088912f863a0be843c4bf18"}}}}}, 0xa4) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {0x0, 0x1f000, 0x20000000000000}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0xfffffffffffffffc, 0x28, 0x0, 0x6500, 0xfffffffffffffffe}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x400, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$CAPI_NCCI_OPENCOUNT(r1, 0x80044326, &(0x7f0000000100)=0x1) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7ff, 0x4082) wait4(r4, 0x0, 0x80000000, 0x0) [ 3350.293254] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3350.334860] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 23:37:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3350.395893] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3350.431385] reason=80000021 qualification=0000000000000000 23:37:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_MCE_KILL_GET(0x22) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)) wait4(r1, 0x0, 0x8, 0x0) 23:37:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) [ 3350.486082] IDTVectoring: info=00000000 errcode=00000000 [ 3350.523554] TSC Offset = 0xfffff8fbd4fcbc04 [ 3350.552248] EPT pointer = 0x00000000976ef01e 23:37:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff3) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x101040, 0x0) bind$pptp(r3, &(0x7f00000000c0)={0x18, 0x2, {0x2, @empty}}, 0x1e) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x60000000) 23:37:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x202000, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e20, 0x1, @ipv4={[], [], @loopback}, 0x4c6}}, 0x8, 0x0, 0x0, 0x7, 0xa}, &(0x7f0000000100)=0x98) setsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={r3, 0x1}, 0x8) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={r2, 0x10, &(0x7f0000000240)={&(0x7f0000000300)=""/201, 0xc9, 0x0}}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000005c0)='veth0_to_hsr\x00', 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=r4, 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000540)={r3, 0x8}, &(0x7f0000000580)=0x8) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r5 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r6, 0xf, &(0x7f0000000280)={0x2, r5}) ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f00000002c0)=0x0) kcmp$KCMP_EPOLL_TFD(r5, r8, 0x7, r1, &(0x7f0000000200)={r2, r7, 0x9}) write$vhci(r2, &(0x7f0000000480)=@HCI_ACLDATA_PKT={0x2, "02779745182f67fabf2ea654cf44e66471d89f1950dfbbb15f1880093811f56b644b38b4b607981f9991c94e2b8dd373058be5452ac28f"}, 0x38) modify_ldt$write(0x1, &(0x7f00000004c0)={0x0, 0x0, 0xffffffffffffffff, 0x6, 0x9, 0x8, 0x8, 0x7, 0x6, 0x3f}, 0x10) ioctl$SIOCRSSL2CALL(r2, 0x89e2, &(0x7f0000000500)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}) 23:37:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3350.976770] *** Guest State *** [ 3350.980128] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3350.980160] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3350.980168] CR3 = 0x0000000000000000 [ 3350.980177] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3350.980189] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3351.055804] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3351.062828] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3351.116119] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x200000003) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3351.162847] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) [ 3351.208245] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000080)={0x3, r2}) r3 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r5, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "5d60de8432cad96a39ba49192698ffa4d64f45ac4a4ff096e9c0e5de423d433cf5be96aa6fef469275a6647a7c3673881e88208b2259ee87f30f9e298d398d"}, 0x60) sendto(r5, &(0x7f0000000100)='B', 0x1, 0x0, 0x0, 0x0) fcntl$setownex(r4, 0xf, &(0x7f0000000280)={0x2, r3}) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f00000002c0)=0x0) wait4(r6, 0x0, 0x80000000, 0x0) 23:37:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3351.249476] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3351.283023] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x64f, 0x20000000) mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x51) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 3351.304315] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3351.323188] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3351.364951] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3351.400028] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3351.427096] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3351.456700] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 23:37:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3351.487738] Interruptibility = 00000008 ActivityState = 00000000 [ 3351.510593] *** Guest State *** [ 3351.522441] *** Host State *** [ 3351.536051] RIP = 0xffffffff811b36f0 RSP = 0xffff88807f9ef8b8 [ 3351.545799] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3351.575988] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3351.588038] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3351.605667] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3351.611914] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3351.621223] CR0=0000000080050033 CR3=000000009eaaf000 CR4=00000000001426f0 [ 3351.628686] CR3 = 0x0000000000000000 [ 3351.632611] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3351.639758] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3351.646212] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3351.652456] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3351.659353] *** Control State *** [ 3351.663040] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3351.670349] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3351.677421] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3351.685765] EntryControls=0000d1ff ExitControls=002fefff [ 3351.691442] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3351.706211] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3351.713319] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3351.721891] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3351.730265] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3351.737434] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3351.751522] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3351.775558] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3351.782652] reason=80000021 qualification=0000000000000000 [ 3351.789961] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3351.798405] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3351.806847] IDTVectoring: info=00000000 errcode=00000000 [ 3351.812430] TSC Offset = 0xfffff8fb3370c1a0 [ 3351.817142] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3351.825229] EPT pointer = 0x00000000a4c2301e [ 3351.830025] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3351.855618] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3351.863871] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3351.871718] Interruptibility = 00000008 ActivityState = 00000000 [ 3351.878395] *** Host State *** [ 3351.881762] RIP = 0xffffffff811b36f0 RSP = 0xffff88805a3178b8 [ 3351.889012] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3351.896964] FSBase=00007f4b44ed7700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 23:37:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpu.stat\x00', 0x0, 0x0) accept4$tipc(r3, &(0x7f0000000200), &(0x7f0000000240)=0x10, 0x80800) r4 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x2000, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f00000000c0)={0x0, 0x4e, "88750070ffd92ed1b0f029ed800cc900cbd5129cd42197eab2d49838f9a747b27f5b6d444ae0eee34ead2a6e367f359e2ab1917bfebdb60b4fd6968f02fe8fe35795bfc6bbd0f6c1da2058b3628a"}, &(0x7f0000000140)=0x56) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r4, 0x84, 0x78, &(0x7f0000000180)=r5, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x940, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r3, 0x4010641a, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[0x7fff, 0x2]}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r4, 0x0, 0x80000000, 0x0) socketpair(0xd, 0x0, 0x6, &(0x7f0000000000)) 23:37:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) 23:37:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7f34cf7a2700) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3351.904906] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3351.915743] CR0=0000000080050033 CR3=000000008fe21000 CR4=00000000001426e0 [ 3351.949958] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3351.980188] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3352.003270] *** Control State *** [ 3352.017858] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 23:37:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3352.049176] *** Guest State *** [ 3352.052525] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3352.063686] EntryControls=0000d1ff ExitControls=002fefff [ 3352.087411] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3352.105601] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3352.123823] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3352.133841] CR3 = 0x0000000000000000 [ 3352.149246] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe0fe00000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3352.157701] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 23:37:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x7f5ecd0ac700) [ 3352.203754] reason=80000021 qualification=0000000000000000 [ 3352.215474] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3352.242362] IDTVectoring: info=00000000 errcode=00000000 23:37:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3352.251695] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3352.265748] TSC Offset = 0xfffff8fae68b2562 [ 3352.275541] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3352.285743] EPT pointer = 0x000000008c9f101e [ 3352.315706] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000000c0)={0x3, 0x0, @pic={0x8, 0xfffffffffffffff9, 0x6, 0x400, 0xffffffffffff0001, 0x9, 0x10001, 0x9a61, 0x80000000, 0x5, 0x7, 0x7f, 0x8, 0xfffffffffffffffd, 0x19f, 0x80000000}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000000)=r3) wait4(r3, 0x0, 0x80000000, 0x0) [ 3352.368496] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.434657] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.473064] *** Guest State *** 23:37:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3352.479139] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.491175] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3352.497354] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.513499] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3352.523960] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3352.527951] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3352.546037] CR3 = 0x0000000000000000 [ 3352.559007] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3352.569642] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3352.595867] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3352.603995] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3352.635556] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3352.636485] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3352.648966] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3352.662202] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3352.675682] Interruptibility = 00000008 ActivityState = 00000000 [ 3352.678283] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.685788] *** Host State *** [ 3352.698324] RIP = 0xffffffff811b36f0 RSP = 0xffff888051cd78b8 [ 3352.710754] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3352.711529] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.717607] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3352.733623] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3352.739990] CR0=0000000080050033 CR3=0000000098568000 CR4=00000000001426f0 [ 3352.748348] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.757122] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3352.763908] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.772213] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3352.778660] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3352.788966] *** Control State *** [ 3352.792430] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3352.799490] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3352.808200] EntryControls=0000d1ff ExitControls=002fefff [ 3352.813666] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3352.821092] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3352.829378] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3352.837764] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3352.844546] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3352.853073] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3352.860081] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3352.867066] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3352.874654] reason=80000021 qualification=0000000000000000 [ 3352.882542] Interruptibility = 00000008 ActivityState = 00000000 [ 3352.898643] IDTVectoring: info=00000000 errcode=00000000 [ 3352.904230] *** Host State *** [ 3352.908663] RIP = 0xffffffff811b36f0 RSP = 0xffff88804d1478b8 [ 3352.914799] TSC Offset = 0xfffff8faa0634f6a [ 3352.919713] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3352.926742] EPT pointer = 0x000000009959401e [ 3352.931576] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3352.940127] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3352.946440] CR0=0000000080050033 CR3=0000000054cae000 CR4=00000000001426e0 [ 3352.953576] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3352.960646] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3352.967087] *** Control State *** [ 3352.970672] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3352.975563] *** Guest State *** [ 3352.977798] EntryControls=0000d1ff ExitControls=002fefff [ 3352.980673] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3352.980690] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3352.980697] CR3 = 0x0000000000000000 [ 3352.980706] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3352.980719] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3353.020819] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3353.021027] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3353.035261] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3353.042597] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3353.048477] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.049560] reason=80000021 qualification=0000000000000000 [ 3353.076592] IDTVectoring: info=00000000 errcode=00000000 [ 3353.082182] TSC Offset = 0xfffff8fa62d74b48 [ 3353.086956] EPT pointer = 0x00000000a82f101e [ 3353.088525] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.124832] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.133005] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.146983] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.155061] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.175178] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3353.185266] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.199422] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3353.209375] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3353.221812] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3353.230552] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3353.242416] Interruptibility = 00000008 ActivityState = 00000000 [ 3353.250629] *** Host State *** [ 3353.253837] RIP = 0xffffffff811b36f0 RSP = 0xffff88804fad78b8 [ 3353.263941] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3353.272413] FSBase=00007f97698a7700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3353.284509] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3353.292439] CR0=0000000080050033 CR3=0000000098568000 CR4=00000000001426e0 [ 3353.303362] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3353.312084] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3353.322032] *** Control State *** [ 3353.327620] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3353.334294] EntryControls=0000d3ff ExitControls=002fefff [ 3353.343738] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3353.352710] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3353.363180] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3353.371718] reason=80000021 qualification=0000000000000000 [ 3353.381908] IDTVectoring: info=00000000 errcode=00000000 [ 3353.389378] TSC Offset = 0xfffff8faa0634f6a [ 3353.393705] EPT pointer = 0x000000009959401e 23:37:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x13) 23:37:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 23:37:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x4, 0x200000) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000000)='trusted.overlay.redirect\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x3) fcntl$setownex(r4, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) r6 = openat$cgroup_ro(r1, &(0x7f00000000c0)='io.stat\x00', 0x0, 0x0) ioctl$KDGETKEYCODE(r6, 0x4b4c, &(0x7f0000000100)={0xb1, 0xd0}) wait4(r5, 0x0, 0x80000000, 0x0) 23:37:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x10000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x6) sendmsg(r3, &(0x7f00000001c0)={&(0x7f00000000c0)=@ax25={{0x3, @bcast, 0x5}, [@bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000000)="bccec2c96884cb0cf01304c44bfebb84", 0x10}, {&(0x7f0000000140)="85b3c6347834d90b9f2c725af8503bcc36bce6ee94229494d14b00eb17ee7e8aa54a4caeea", 0x25}], 0x2, &(0x7f0000000500)=[{0x1010, 0x11d, 0x2, "aba170ae64a6d522d26472fbdecde3c5b8b09c0bcfb8838ede8ca5b2d795a3ad5b1073804d2fbd36679822996a83d97363cd7a0bde23a794a974687be598d98b5f07503ae42e14c1a7c87d9d0702ca581be140e6c14ea2fc5bfd33e3d57136822c28d60fd2c760a877c50f3c89db84a4cffc3edd5a333eb732c0db6e0e8cd31ebe3005bcbfa2765881624ad2a5baf3f61afb7c16796c4e680f2c0c650d97cfcf62da1b642c234b360ed29eba906862c1ecb5a7c4d2491d506e853016bce95af3de60dce8771b5b8033f88c0742df3350871be3b8881e182bd5af3c6db50155505dc1595b6c21eaa369fe5da3e0bbef660b06a77684ab6b79b0fccf73d3eac282470d338ce8ce93ad8b4fde33dd6249bfd6d1cec6cc0eade1235d02a81ccc3831f6024b1a089cd3344c90fb4a8dd693d90e081d6264508d34f521cf7b650a7a80080bc05463505a6a69beee4c852d79a049c94a37b15df66e141cb90e378021ae40464f1fae17b18a63dd0ab3422ecfea53db0b754277210e86f274a6bdb54398aa9a5a64c6e231f86f70e693714201de51713797b096d00791c01c4a8d36c9487776d0c39fc657a53b66cad6960c67eed36190dcdd748ad4c21fc675d55ef849aea4bb5ca20d83a528c996ee3597371a05c382b06581e0f6dc3131929a04ed3723d3ccae24025a2c3b7e4d776f87d20ff9e4a45b94775ea620d7dcbfa4a28adfdf990ceae382e33138d5a7a6973e8788a25e4c789ca59c5576f3d3aa3fcd764d8422d0894bc59bd266d724372151a544d02375a61259d89f6b0976e9dfaf6a27ab5908097952cf18da3f6e7e6624111773cb6d43f23d9c07a9e757a86f229d2441ba78aede867fc9d3861798db1b46da5edc521fd831a58f16088fe148e6dc2afbc75b59a400ae89a7a88bde299728a76524a539886e77db6dd7eccb2b4bce60e6a1ab1cc6c55877d00f5d234d588ee429b75d921141c2b2a36e499f48cc8e9317aa7062a33d1d029ad25c50515a03c745ed81168fe1c5b5660338a57b08b6f54b0b804153dbd961582704d74c8efb0732a0ea461a726b695947e35b0f3e5735e91448d07ee0ae6c78be926d2807647794865ddf3301d351b769ec6390f13166e97e47c394f825cf4d03fb1689721dfd6867da59a764f07082a344d93876a102052a7fe2c7fdfc419ec9ac56a4ce15762e52d08db4e4cb7f15a9b3416929a75825a758551185ea2757881a340bb8e174f60f8144bc8b68a326d52f3465144c3cdcaaf75abbac66f21f11531cb8dcbfea32182abfa93235a4aa7724f1e9a41730b325790989e2d9e09a5b2371f9a4eb182a30d95d7abd346c94891d95a46f06cf2b78d70ba9c2cc268fad218cce17b7e26e2320b3dac54ba3f40e781a0595f2ad629f5248f9c1da35264d97aae87ce7076683a331d823e36b217471920d15d6727e0363890c7118a6d0231d7a68762c2b9679f1254509b4708c3f3468cb2051131b50e200edb7a7fb1b4d5821fbc70c37296b2fac4574ef02017f95961a76aa40d03516fe5c02902ceed01ab3600b869be7a985135a25a31d197a8851f92eadf40f3a3cb41097160454bc504b80f1b149b77120f5fbaeda611b2a325a0181056597c699cc09575ece7b4a0d50860a581d60525009b4934bd2fb96fb32cc22036a443b21a312794a0fe419f68b16fabc8bfc20696b4625ea82c8f103939397c92cd2a2dfb7e4fa8607f2ac22f9b0ea4965ab7d98af3d4f52e22e1f8f6a72aa41b3aaca7cc4b4894ef34c80eda2b12e3c58d208d8dab7709c470c1218c2f5b6dccda8129f69f6309ab37b7f98bfea9cfa0029db9574cbcf23bb151ac36546f60a44d507db9463620b4f42e99086c2cee896009c6772e1b26d0dff54f3d329b1bd5743a9ad82881ed647290556e224157edde1ba7b3070c76ce973d22b2af2b7406fb02f7a04f408921cdcabe8b0585da6427b6d1a70b5e3e9cd6e4020e03cb2579ac8fe35b4ee207d28641641bbcc1f7e6ecd721f4130fac8e072c02346c6280d5d47df341706b1d5e99ba8ec9f00e29832bd14c8d688def85fb9985a5fb4bd52e13354767bf0314d410ae2250e4b750cbf3c53e69c434c9dacdd22e1870dfc27260fa2d8535ba44272f4823b4746329574cbd48926f6e92df96a7172d647c85fef7d4c1162bd905136a230841267e0ce07fe816f19272b9d2f3d99143c2ef16b257901e73f3797f5b36837a6917dfed97967f5bbb65aaf06005dbb03961bb57c4a3653e56134bbe7935a96fedb4f10b823dae6da85a56b8af8bb9b9764f8fb88fce0444487a2896e3c0c914c93a01fe3d7e9a155bf0da9791f5b1013b3d0aa70c1935d6d07275ddf041bc6621ba849e98006f7ab7a28dd237ea8faad5b3277604fa3e3717b43c127b7b08d7484514cc4f407cdf38e3daacfee6423f9e5ceaed6a86dfac8d96e9ee24d1c09e3da516607095353497129cb93686c3d3c279051dba386d520f0f4a21b18f7ea7267926619887860ac8ce7a7763d08efb407694a9dd9afed779b9f40f9121260fc88d004545b0fe7b75888a7131928a6c317aa300ca1a9dd385313ad3390db5f92c427775617a211b0258e8a7a23d2f8a1193cbfb18443e3ba703fa8a253814a5eb5c4580e4f530f2e9cd1d002f4a67358f4922cde60367950d1b6401e0577535b8200f2fcb1d776b91056c6448456d0f7938aab63b8dec536b92219f8bc09eb97d682b940715efbd04fb9956bde580f9a8bcd65a02c2ab3793399ff244d84ffdcd171b05441091f14e143afaa9b89dcb7663c91bc742481d1e797d0c6ab994cd4524374f15215876a7ebc576c518e3cea208da800cf0888073792a6f4f77faef809470ebfa915a51750ebbc828dd91a3039909fc46167ad77b23ebc9112e6f48fb5e9027c5aed78c4007997a0b2aa6dc0b04622e687af8563a889d5e91efb4db50f8db6f049f590797c9fb15a11b2bce7a0c14f9e66b97b640cc9d0fc6fa50e3fe84bd1337d58cd0ab15a6da20dc4f420a67e23478c9b6471eb2c2307a5252a86bfd46133dce1a59377fd536f5b9f8b9089736c1875b2bfb5f1a84b79adbbfc6175916424cbae9a7b9168291a55780c81b28bfe0376c5435c040ba128c67457eaea9c85897b1305381f9e23f7dfe91c63d4cdf9ac35864ea6b66bb1ecb72cd57058851f68a5167a41df9010ef21bcac00a5fcb33685af838e92db9c5c8817f0589369762907c6b3023014b5259cf12c092b80a75d638d86215a111273331a4d9f82865494cb2f5b3bb55c0daaf635e0da5e64c0aae954b651329e5ce5bcbc8e4811164d2c39daf9f68c731d3e565b387545606859761e15806d1ebaca51fb24247906dbd817c666074cb3400e045f5a16a932e9abe36bd069a9f2537fb46ec17cf1abd27e577352bdf993403c2f4be94230f0e102ddb91af9a62530e34abb3150b801ca83bb8663e4447b236f4ca55d169d3443e868ae690abb390b7c9ca0d7c2460a994e5685f3df2ed50e96ce3acd4b7d177ae6bff563d7ee5fbc296f33449e64c6c9ab84ab3f5ffd7daf3542872469fb03e9d8476b4d3364f888cdf90d5382825e3d25948080d24827467ab598b27c25f80aa354ba40e69b2f3803a99bcefe7bdbd5e96782a168640abcadfd10d2b3db1342c8b84c0142d28623b9444209321ed35512c071bf340e8a0bad73f9a6aed5ba171c34c2e23088336815bd045441bc5320116f1b35666c29a148a36c2c5db419ca3c3fc43e1846084452f4f9ef0fffacaf43995c2fd0e341920529212e71c213915a2eddd6fb47cf7c5e387d00f8cfe6e02af86d329799587f419507a2d111089f313d36eb6fae147793155ae545616f67c14136b81a6528dc194190c17d406a5225e9bbf7de0c51dcb3bcf9c08c20de4b56c86588dbd442ce18c8fbc4ce12d0df3e5e4461300849f65cf13fe99afb5f28b487e2e6de9c8d12de45068f050e8162b4ead8dd84dee9500dee0c839c18ab8285b759f35f85bf2718ecc5ffa2cc74880a6fb62958d316f674dad3802a39fb7ce8df328ee0d3e3764575f043ae2fd209dbc244ff5110aae694c5635139184be31ee3e7c513453e580407ea0e7fc164b1839ef63d90787e9dd463f00bafe308ad956c9afff47554b33a88d4d44d74c05799984fad626f40264fc2b76a40881040cb3427d4636e640dd3ba70f34559384056490dee9fb55422d13dba2b1cd8ece0b7f7a33e3722ef237cf270708e784b1a4b2c129f620cb8a79087020cb22812e8aa993c78f0714c8e0cfea53bf17d01e12810e25f2f00052518d3f94b7dcfdc549bc5c128a5ac2bb943014e5586ce3e489163f0eda118a80aae7f1cc8d610a8cfb93addb70b5aec801f47bb5800b39392427a1b31e2be42e8964c31646469951f0db5ae1527d5824c39fbff3c7b2d22d3c3532c66f2d95cb06f52c873c60d6df79e5c4317477957249c2c78df773222ef37d924ce61427e4202a0d5e98a5b964d1806405ea29b342b9be535a4e7c226d166e26dddd27a980df77d9207f220cad3180a5783bcec7bee994868663ffaa02c748d17585d96d779cbd80fb2af99794aaf727f735ac9579cc53d6a17e036a229207b36bb854067421776e180703b288eb3a75ce383a39fbed1b2b574cfc6ba6c17887037bfbfeeabc78aff9e0ad75e2cd995427af8878047bb2076cb5d856f0d91d1b131d7b924bece9ee694b7f636ff89c71c0a52caf4c14c3f419a084063ceb97431bcc45c369f3c18084878defee95aa803f606248d5ab19111ff763548d47d5116df1d70ccdf3e78e49937da56d75aa63a0a0380eb3bf675e2ce82486f21e17739c8f531c96413a8b014f823b4a8a691cc83532069962fc7a077b5fee4a1bcce309932b991a8066f655fdde33e0eb199704eb0b5f0de82e8c04137c42aa5955c0aa99467d310b4fd99a27e8bdebf105c532a9d9cefdb80b5e78f73134afde9a5b010ebd8672cffb64919fbe9e43896bb7a2a31d9f4a2caec4a2ff43192c2270255bf52c3caee80881cf5fddf0785a13f5cd3a624cdc166377d45f74218b476e683e22f4ca95185754b93a3496626053410e854c6dca0b13f0f750d0210812c9c677e170b7185494f4bf4c31b290e68f5ed222d10eb439ee253f9c67abf27f93d0732f70c4aa62eabdc8ecf5289e39a3f7abb8b482a10e08cce6b677623e73a4b93dc23ac8b9aba123db8df2b17285bbf2e4422e1b2e8abcf00b0c88bb5f723c1c3ae42960900e3602b04e04b1ef1566ae3576fb506caa405abe08d00b60262ddff63270d665f304b5b874ea4bcc901d9735222eb8c6f3d2cdd11d5a17a1698342ab46d1bdef27c559f71ea0a616203290452ab20040311355a31dc21bb4a1b03984da5cae6eb1f5cf43d50be04aacd7f8611acceb16336e9ef5bf09d0c7b13b997ba6a7d9d989a75e92dde718cc827f55adeac86e86f8ff08d2cca467386a13bf09529bb09f41693bf80b03591c429887feb22b6ca4238fec31bbb7d874096d82cade21cbcb2cd9e805dd124a698bc3cb7ffba775305c6a47639143e601ab54b705175b007f9aec72185629e76adaf5655e5a6176dd7d9fcad45f843f9d19c8d7bf3a15981ee00b317798fc775109f26b8c9d2cff0ba91f460a23a29209c426d4a01c83c944443889ee3bbe3d711a89de803e313485cd41319decfbdc69e403aa16884eb4f9f18ed40d5348a4a21a864b87ed4d7b20db91ccc546fceab1d3133c3360c3cc80a72769437141b306ce48c51490395a869d3e09d2b017b649a06d7"}, {0xf8, 0x10b, 0x9, "ce5d1cd866e335565a581e4e81045d41286e756ed80546b614b3e825d8098815ae7f09411c66216f1d5dd3e161c2b3b142f7b8c77e47d2aeeca44bcb54f4c1fac2032980f3abd2d1afde22ea4ae378a0e9d91c7f401fe74b64c8d97b12381a837a65654ec634c4185251b838bd3d2e88731fa24917d56df1179cb62725f07060225161c68aafa9038c9c20d153acddf34eee6f4da659afd51d761e656e832ff4c30cbadbbc29d64af24c75d111f4065adecb115c3c790baf6fae026f12ccf909e7e5215d6f7fc34936d4fb6e199d0960ea816de36b13fb14ddd7966ee521ada08dc00288158b32"}, {0x48, 0x0, 0x6, "cb1d924ae4ef785669f4d9b42f67ecd0bd446573792a4b0605ef1c923ee1610f61e4f551021a5050354cd473edf2ef68a28b729f722ab0"}], 0x1150}, 0x4000044) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3353.538603] *** Guest State *** [ 3353.541927] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x103440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000100)='selinux*\'posix_acl_access\x00') ioctl$CAPI_GET_PROFILE(r2, 0xc0404309, &(0x7f0000000080)=0xfff) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={0x77359400}, 0x10) socketpair(0x5, 0x0, 0x3, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r3, 0x111, 0x3, 0x0, 0x4) r4 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r5, 0xf, &(0x7f0000000280)={0x2, r4}) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f00000002c0)=0x0) wait4(r6, 0x0, 0x80000000, 0x0) [ 3353.584159] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3353.607862] *** Guest State *** [ 3353.611198] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3353.623680] CR3 = 0x0000000000000000 23:37:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x277acf347f0000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3353.650539] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3353.655727] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3353.677126] CR3 = 0x0000000000000000 [ 3353.683878] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3353.685554] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xc70acd5e7f0000) [ 3353.711432] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3353.715351] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3353.738971] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3353.743892] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3353.765449] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.766143] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3353.792640] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.819485] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.845837] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.853327] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3353.888169] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.891640] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.916318] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3353.950733] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3353.955810] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3353.974950] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3354.014924] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3354.035706] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3354.041070] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3354.053396] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3354.090128] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3354.106311] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3354.116789] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3354.131399] Interruptibility = 00000008 ActivityState = 00000000 [ 3354.135503] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3354.140027] *** Host State *** [ 3354.154395] RIP = 0xffffffff811b36f0 RSP = 0xffff8880549e78b8 [ 3354.165542] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3354.172225] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3354.180361] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3354.180375] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3354.180391] CR0=0000000080050033 CR3=0000000099594000 CR4=00000000001426e0 [ 3354.180406] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3354.202034] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3354.215545] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3354.235493] Interruptibility = 00000008 ActivityState = 00000000 [ 3354.241881] *** Host State *** [ 3354.255504] RIP = 0xffffffff811b36f0 RSP = 0xffff88805147f8b8 [ 3354.261602] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3354.261804] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3354.273382] *** Control State *** [ 3354.277720] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3354.278165] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3354.295441] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3354.300742] EntryControls=0000d1ff ExitControls=002fefff [ 3354.315459] CR0=0000000080050033 CR3=000000008856c000 CR4=00000000001426f0 [ 3354.322565] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3354.331632] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3354.338815] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3354.345220] *** Control State *** [ 3354.355275] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3354.362410] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3354.375508] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3354.375989] EntryControls=0000d1ff ExitControls=002fefff [ 3354.382094] reason=80000021 qualification=0000000000000000 [ 3354.382103] IDTVectoring: info=00000000 errcode=00000000 [ 3354.382109] TSC Offset = 0xfffff8f9d1f3118f [ 3354.382120] EPT pointer = 0x00000000a509301e [ 3354.441177] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3354.453855] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3354.491151] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3354.500648] reason=80000021 qualification=0000000000000000 [ 3354.522907] IDTVectoring: info=00000000 errcode=00000000 [ 3354.540607] TSC Offset = 0xfffff8f9cb9d5446 [ 3354.571540] EPT pointer = 0x00000000991e101e 23:37:53 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) clone(0x200000, &(0x7f0000000040)="379361e4249320d58c3835a6ec371def224fcf5c45a0a7ccb939263d0992703f41a3cefa2d73a25ec5737fcacbbb34817db188a4eae87139942e6e17e866f745b5a32fcd63cb826e5e182c0f627e0075bdc88e281c37604de3d3700455571f172f69b17e216235", &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000300)="856e3151a510cabebb5bd53bb865e3702e984bffd9bfeb283ef3da728c050ac3910a7feef03c5d973ed4889a7273f5cc0d6556b372b200e0662c99998af7c672ede43406ee02204c5d80d32ee462aab17e1a3f4b615206f6daed14cce144543953beb7b64c3e9e06ae89f79f2112238082d60e5fe8d19b3fc7096af2d53822f3759ad087c9cb9ff3e786724990cfac9d26afbab009b44c4a20f0319512d1a0d1f4a39ed4fa91ad1d0a25128cf36a3f") pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x4000) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r3, 0x114, 0xa, &(0x7f0000000200)=ANY=[@ANYBLOB="0307bca1acf779186cfef3fb7debf270cee1dd09d813c90400000000000000000000000000000000"], 0x4) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r4, 0x0, 0x80000000, 0x0) 23:37:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x543]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 23:37:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:53 executing program 1: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x2020c2, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs_stats_percpu\x00') r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x408}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r4, 0x200, 0x70bd25, 0x25dfdbfc, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x9c}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4008080}, 0x11) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x4000000000000, 0x200, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:53 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x101000, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100002}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00', @ANYRES16=r1, @ANYBLOB="010226bd7000fddbdf25010000000000000009410000004c0018000000c973797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e20, @loopback}}}, &(0x7f0000000380)=0x84) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000500)={r3, 0x7fff}, &(0x7f0000000540)=0x8) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000000000000000000000000000000000001c00000000000000000000000000000000000000000000000000000000000000000000000000000000001d7604abef4455f20000e53ef2ec230000000000000000000000"]) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000580)={0x10000, 0x0, [0x2, 0x3, 0xfffffffffffffffc, 0x200, 0x1ff, 0x5f, 0x7ff, 0x3]}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 23:37:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = dup2(r0, r0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x500, 0x70bd28, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 23:37:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r3, &(0x7f0000000000)={0xc, 0x8, 0xfa00, {&(0x7f00000000c0)}}, 0x10) 23:37:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 23:37:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x608]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3354.940150] *** Guest State *** [ 3354.943573] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3355.003585] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3355.015761] *** Guest State *** [ 3355.019162] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3355.044489] CR3 = 0x0000000000000000 [ 3355.065818] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3355.084890] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3355.115574] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3355.121805] CR3 = 0x0000000000000000 [ 3355.126580] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3355.138095] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3355.151489] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x689]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) wait4(r2, 0x0, 0x80000000, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x101000, 0x0) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r3, 0x111, 0x2, 0x0, 0x4) 23:37:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) [ 3355.166784] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3355.174896] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3355.185026] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.220036] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3355.232074] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.241001] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3355.266281] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.277359] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.289283] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.306279] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.327081] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.343158] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x300000002000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3355.392600] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3355.399866] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3355.442635] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3355.450988] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3355.500493] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3355.500692] IDTR: limit=0x00000000, base=0x0000000000000000 23:37:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3355.559659] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3355.606540] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3355.612889] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3355.661418] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3355.668221] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3355.696254] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3355.706237] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3355.752060] Interruptibility = 00000008 ActivityState = 00000000 [ 3355.766060] Interruptibility = 00000008 ActivityState = 00000000 [ 3355.772318] *** Host State *** [ 3355.792778] *** Host State *** [ 3355.807269] RIP = 0xffffffff811b36f0 RSP = 0xffff88808bf378b8 [ 3355.813400] RIP = 0xffffffff811b36f0 RSP = 0xffff88808c0478b8 [ 3355.824698] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3355.834889] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3355.878954] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3355.910284] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3355.919372] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3355.931362] CR0=0000000080050033 CR3=00000000907a1000 CR4=00000000001426f0 [ 3355.942291] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3355.952046] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3355.961095] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3355.970332] CR0=0000000080050033 CR3=0000000088c4d000 CR4=00000000001426e0 [ 3355.980500] *** Control State *** [ 3355.983961] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3355.993826] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3356.003591] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3356.012717] EntryControls=0000d1ff ExitControls=002fefff [ 3356.021290] *** Control State *** [ 3356.025272] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3356.035081] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3356.045064] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3356.054815] EntryControls=0000d1ff ExitControls=002fefff [ 3356.063690] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3356.073561] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3356.080535] reason=80000021 qualification=0000000000000000 [ 3356.080545] IDTVectoring: info=00000000 errcode=00000000 [ 3356.080551] TSC Offset = 0xfffff8f90afb73c4 [ 3356.080561] EPT pointer = 0x00000000a97ee01e [ 3356.092395] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3356.092409] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3356.120891] reason=80000021 qualification=0000000000000000 [ 3356.127579] IDTVectoring: info=00000000 errcode=00000000 [ 3356.135595] TSC Offset = 0xfffff8f9109b9099 [ 3356.140084] EPT pointer = 0x0000000098f3f01e 23:37:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x2) ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f00000000c0)=ANY=[@ANYBLOB="09000000ce00000001a08ed650f39c606909737fc6b2abc12897b3bb23157dc64c2270a88d95f9dc32b9ea58a320d81720d5e0211cf930d39253b0e00042240760ca7bdef528c90fabef305b0800000000000000072529aaac3b6df112e2dbe5c40940a4e229b4a1cb5167dbb666eccaedf177ef039eefabf62b11d4b92c883a1127f1d70a23b8a10b0369b10de3133d201337c0d36eadef8db8e78d647e0c5d8366ad0eb15b11319d9021be4548c6ee4b0b034123fdd60efe7cb55cf1d1203902a93e964239a136"]) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:55 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400000, 0x0) ioctl$TIOCLINUX6(r1, 0x541c, &(0x7f0000000040)={0x6, 0x10000}) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000400)=0x1, 0x4) r2 = getpid() getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x84, &(0x7f0000000080)=[@in={0x2, 0x4e24, @empty}, @in6={0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, [], 0x15}, 0x7}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e23, @rand_addr=0x7}, @in6={0xa, 0x4e20, 0x2, @rand_addr="47d5d753e4b036c953e4bbbb1cfcf19b", 0x5}, @in6={0xa, 0x4e20, 0x4, @rand_addr="41c188641fbc6d639fb7ebed00b7d0b6", 0xcf99}]}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000300)={r3, @in={{0x2, 0x4e21, @remote}}, [0x2, 0x9, 0x6, 0x1, 0x7f, 0x10c5a0, 0x7fffffff, 0x4, 0x6, 0x101, 0x2, 0x7, 0x7fff, 0x7fff, 0x50]}, &(0x7f0000000200)=0x100) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) fcntl$setownex(r4, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f00000002c0)=0x0) wait4(r5, 0x0, 0x80000000, 0x0) 23:37:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) 23:37:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe80]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3356.361306] *** Guest State *** [ 3356.363007] *** Guest State *** [ 3356.364759] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3356.364775] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3356.364787] CR3 = 0x0000000000000000 [ 3356.369486] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3356.392401] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) [ 3356.450362] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3356.451502] CR3 = 0x0000000000000000 [ 3356.474172] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3356.479445] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3356.494165] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3356.525734] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3356.533510] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3356.565705] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:55 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)=""/70, 0x46}, {&(0x7f0000000080)=""/51, 0x33}, {&(0x7f00000000c0)=""/78, 0x4e}, {&(0x7f0000000140)=""/5, 0x5}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x2, &(0x7f0000001300)=""/4096, 0x1000}, 0x100) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) ioctl$SIOCRSACCEPT(r0, 0x89e3) wait4(r4, 0x0, 0x80000000, 0x0) process_vm_readv(r2, &(0x7f0000002540)=[{&(0x7f0000002340)=""/67, 0x43}, {0x0}, {&(0x7f00000023c0)=""/228, 0xe4}, {&(0x7f00000024c0)=""/109, 0x6d}], 0x4, &(0x7f00000039c0)=[{&(0x7f0000002580)=""/135, 0x87}, {&(0x7f0000002640)=""/153, 0x99}, {&(0x7f0000002700)=""/197, 0xc5}, {&(0x7f0000002800)=""/88, 0x58}, {&(0x7f0000002880)}, {&(0x7f00000028c0)=""/4096, 0x1000}, {&(0x7f00000038c0)=""/218, 0xda}], 0x7, 0x0) 23:37:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3356.573773] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3356.586541] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.602165] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.626987] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.647935] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3356.685548] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.693658] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.709646] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.728347] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.745821] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.753811] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3356.765712] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3356.805792] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3356.835447] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3356.844517] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3356.865551] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3356.873621] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3356.895500] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3356.902159] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3356.902377] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3356.922914] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3356.938743] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3356.945930] Interruptibility = 00000008 ActivityState = 00000000 [ 3356.950069] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3356.952253] *** Host State *** [ 3356.960226] Interruptibility = 00000008 ActivityState = 00000000 [ 3356.975444] RIP = 0xffffffff811b36f0 RSP = 0xffff888091d378b8 [ 3356.975958] *** Host State *** [ 3356.981520] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3356.984865] RIP = 0xffffffff811b36f0 RSP = 0xffff8880515f78b8 [ 3357.004317] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3357.005462] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3357.010996] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3357.032462] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3357.036607] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3357.038566] CR0=0000000080050033 CR3=000000009fa1b000 CR4=00000000001426e0 [ 3357.055521] CR0=0000000080050033 CR3=00000000907a1000 CR4=00000000001426f0 [ 3357.064582] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3357.075277] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3357.090318] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3357.096519] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3357.096527] *** Control State *** [ 3357.112691] *** Control State *** [ 3357.122992] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3357.131021] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3357.151317] EntryControls=0000d1ff ExitControls=002fefff [ 3357.151612] EntryControls=0000d1ff ExitControls=002fefff [ 3357.166239] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3357.173174] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3357.179901] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3357.179911] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3357.179920] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3357.179928] reason=80000021 qualification=0000000000000000 [ 3357.215905] IDTVectoring: info=00000000 errcode=00000000 [ 3357.221492] TSC Offset = 0xfffff8f84fd9460b [ 3357.231763] EPT pointer = 0x0000000088f2d01e [ 3357.237608] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3357.244357] reason=80000021 qualification=0000000000000000 [ 3357.274446] IDTVectoring: info=00000000 errcode=00000000 [ 3357.291224] TSC Offset = 0xfffff8f851bc2b06 23:37:56 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x7) syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x3, 0x40000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) chroot(&(0x7f0000000100)='./file0\x00') [ 3357.315084] EPT pointer = 0x000000007fad601e 23:37:56 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0x8000, 0x111781) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000300)=0xffffffffffffffff, 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mixer\x00', 0x101000, 0x0) ioctl$SIOCX25SCAUSEDIAG(r2, 0x89ec, &(0x7f0000000280)={0x8, 0x41b}) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000200)={0x0, 0x3, 0x1, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r5 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) ioctl$KVM_RUN(r5, 0xae80, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$BLKPG(r6, 0x1269, &(0x7f00000001c0)={0x9, 0x81, 0xcb, &(0x7f00000000c0)="1a837d669a3362b654d19049a6d4c52c6374c1664fe8d11d01cf320e76795a40369984fc16730e6810350c3ce1170a0ba828daebc2387b20a558d0e55c820cd154593a9fe5d7e207e90e99e5ff7d7d0a2b3f034f483be310e953c79954bea443865547f632fd6ebc7d0ba2efca3807e53b613ef8785adae954a3043cd4b1b3df2a49ab665c481d8883168dd19108fee76d0933934ca5626d543c964af3a0672327f885b6dff058602c26c81f7b4c71642137a2243a04987155974d2dee49b61415fe8529c0ae1be257a3ee"}) ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0) 23:37:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) 23:37:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3357.406875] *** Guest State *** [ 3357.415597] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3580]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3357.447426] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3357.495717] CR3 = 0x0000000000000000 [ 3357.499891] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3357.545946] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:56 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) r5 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x8, 0x0) ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000080)=0xc000000) wait4(r4, 0x0, 0x80000000, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r3, 0x8935, &(0x7f0000000000)={'netdevsim0\x00', 0x400}) [ 3357.599552] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 23:37:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3357.642459] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:37:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) [ 3357.702931] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x800000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3357.755697] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3357.773747] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x4000, 0x0) ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f00000000c0)=0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 3357.835666] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3357.876491] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3357.893872] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3357.923590] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3357.943091] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3357.965481] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3357.987266] *** Guest State *** [ 3357.990576] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3358.015522] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3358.022212] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3358.045509] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3358.065883] CR3 = 0x0000000000000000 [ 3358.069741] Interruptibility = 00000008 ActivityState = 00000000 [ 3358.076521] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3358.082627] *** Host State *** [ 3358.086427] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3358.092567] RIP = 0xffffffff811b36f0 RSP = 0xffff8880512e78b8 [ 3358.099706] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3358.106861] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3358.113422] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3358.121808] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3358.130046] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3358.138429] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3358.144456] CR0=0000000080050033 CR3=00000000407f2000 CR4=00000000001426e0 [ 3358.151966] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3358.168295] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3358.174990] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3358.181423] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3358.189761] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3358.201895] *** Control State *** [ 3358.206692] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3358.214734] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3358.221827] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3358.230182] EntryControls=0000d1ff ExitControls=002fefff [ 3358.235916] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3358.242853] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3358.249904] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.258244] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3358.275541] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3358.275836] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.287838] reason=80000021 qualification=0000000000000000 [ 3358.291080] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3358.311007] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3358.315400] IDTVectoring: info=00000000 errcode=00000000 [ 3358.320123] Interruptibility = 00000008 ActivityState = 00000000 [ 3358.323904] TSC Offset = 0xfffff8f7bf08d9fa [ 3358.323915] EPT pointer = 0x0000000091d8e01e [ 3358.346542] *** Host State *** [ 3358.349962] RIP = 0xffffffff811b36f0 RSP = 0xffff88808c0478b8 [ 3358.356177] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3358.362787] FSBase=00007f97698c8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3358.370908] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3358.377075] CR0=0000000080050033 CR3=00000000a62c9000 CR4=00000000001426e0 [ 3358.384282] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3358.391274] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3358.397580] *** Control State *** [ 3358.401205] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3358.408203] EntryControls=0000d1ff ExitControls=002fefff [ 3358.413900] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3358.421097] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3358.428078] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3358.434851] reason=80000021 qualification=0000000000000000 [ 3358.441429] IDTVectoring: info=00000000 errcode=00000000 [ 3358.447192] TSC Offset = 0xfffff8f7749d9e35 [ 3358.451721] EPT pointer = 0x0000000082a5f01e [ 3358.470214] *** Guest State *** [ 3358.470228] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3358.506273] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3358.515136] CR3 = 0x0000000000000000 [ 3358.535443] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3358.541478] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)={0x0, @speck128}) 23:37:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0xfffffffffffffffd, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x117) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000100)={0x0, 0xca, 0x20, 0x100000000000000, 0x24c}, &(0x7f0000000140)=0x18) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000300)={r2, 0x80000000, 0x7f, "32e3705e7eca17c80c0be9ca8924747d303d9c0ed89fb3c7b5a0c52e87c5a554a9b0d308b11338c1de53ed0b25b58b8aa0001402163bc52062db53bbae983513932a64d42b53e10d244f2970fb43567730e7c6cd3145d48c19501e769d2104584e04c99cbb5a4e0f49a3934f50d69d9bf38e7d459db86d6702d1a6a38663d1"}, 0x87) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000080)=0x9, 0x4) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x5, @remote, 0x2}, 0x1c) r4 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r5, 0xf, &(0x7f0000000280)={0x2, r4}) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f00000002c0)=0x0) wait4(r6, 0x0, 0x80000000, 0x0) 23:37:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x900000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) [ 3358.565428] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3358.572117] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.583771] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.628422] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3358.686969] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.699302] *** Guest State *** [ 3358.712749] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:57 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r4, 0x0, 0x70bd25, 0x25dfdbfc, {{}, 0x0, 0xb, 0x0, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", ""]}, 0x28}}, 0x800) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) r5 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) setsockopt$IPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x41, &(0x7f0000000800)=ANY=[@ANYBLOB="6e6174000000000000000000000000000000000000000000000000000400000002000000000000000000000000000000000000000000bc2568ff10925fe600000000000000000000"], 0x48) getpeername$packet(r2, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000003c0)=0x14) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000400)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @dev={0xfe, 0x80, [], 0x1d}, @local, 0x3fff80000000000, 0x9, 0x7ff, 0x100, 0x5000000, 0x800100, r6}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r7, 0x0, 0x80000000, 0x0) [ 3358.760824] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.782494] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:37:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xa00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3358.822801] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3358.834250] CR3 = 0x0000000000000000 [ 3358.855647] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3358.862542] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3358.876491] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) [ 3358.919222] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3358.930044] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:37:58 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3358.965853] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3358.977566] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3358.993508] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:58 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) r3 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f0000000040)=0x45, 0x4) ioctl$CAPI_NCCI_GETUNIT(r3, 0x80044327, &(0x7f0000000080)=0xfff2) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r4, 0x0, 0x3ffffffc, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={0x0, r3, 0x6, 0x1}, 0x14) [ 3359.020518] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3359.033859] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.066358] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3359.075753] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.127047] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3359.134528] Interruptibility = 00000008 ActivityState = 00000000 [ 3359.143820] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.156496] *** Host State *** [ 3359.159711] RIP = 0xffffffff811b36f0 RSP = 0xffff88808c0478b8 [ 3359.180083] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3359.185791] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.209373] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3359.217957] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3359.226302] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3359.243406] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3359.245998] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3359.262541] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3359.269301] CR0=0000000080050033 CR3=00000000a62c9000 CR4=00000000001426f0 [ 3359.271513] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3359.284437] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3359.296332] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3359.303897] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3359.305033] Interruptibility = 00000008 ActivityState = 00000000 [ 3359.311492] *** Control State *** [ 3359.326138] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3359.332885] EntryControls=0000d3ff ExitControls=002fefff [ 3359.335482] *** Host State *** [ 3359.342197] RIP = 0xffffffff811b36f0 RSP = 0xffff88805120f8b8 [ 3359.342923] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3359.355495] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3359.355545] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3359.362025] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3359.374835] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3359.383225] reason=80000021 qualification=0000000000000000 [ 3359.395636] IDTVectoring: info=00000000 errcode=00000000 [ 3359.401184] TSC Offset = 0xfffff8f7749d9e35 [ 3359.405467] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3359.410313] EPT pointer = 0x0000000082a5f01e [ 3359.411804] CR0=0000000080050033 CR3=00000000916e0000 CR4=00000000001426e0 [ 3359.423058] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 23:37:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r3 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x400, 0x40) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f00000000c0)={0x9, 0x0, {0xffffffffffffffff, 0x1, 0xfffffffffffffffd, 0x0, 0x885}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3359.445512] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3359.451701] *** Control State *** [ 3359.455270] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3359.464348] EntryControls=0000d1ff ExitControls=002fefff [ 3359.491017] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3359.525476] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3359.545532] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3359.552215] reason=80000021 qualification=0000000000000000 [ 3359.562479] *** Guest State *** [ 3359.565843] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3359.574694] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3359.583887] IDTVectoring: info=00000000 errcode=00000000 [ 3359.589679] TSC Offset = 0xfffff8f70cb9b99d [ 3359.594102] EPT pointer = 0x0000000057e5e01e [ 3359.598920] CR3 = 0x0000000000000000 [ 3359.602939] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3359.609442] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3359.616182] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3359.623187] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3359.631973] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.640956] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.649932] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.659105] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.668221] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3359.677498] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3359.687745] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3359.697189] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3359.705758] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3359.713898] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3359.721000] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3359.728901] Interruptibility = 00000008 ActivityState = 00000000 [ 3359.735302] *** Host State *** [ 3359.739111] RIP = 0xffffffff811b36f0 RSP = 0xffff888057e4f8b8 [ 3359.745279] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3359.752173] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3359.760378] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3359.766679] CR0=0000000080050033 CR3=00000000a62c9000 CR4=00000000001426f0 [ 3359.773882] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3359.780996] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3359.787492] *** Control State *** [ 3359.791115] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 23:37:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x4, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000000000000e00000000e36a00000700000000000000020000000100000014fa00003f000000eb000000000000000700008009000000030000000004000000011a818719e7000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xb00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:58 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) 23:37:58 executing program 3: socketpair$unix(0x1, 0x9, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)) r1 = socket$inet6(0xa, 0x3, 0x8806) fdatasync(0xffffffffffffff9c) socket$inet6(0xa, 0x40000005, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x7fffffff, 0x200000) r2 = dup(r0) sendmsg$IPVS_CMD_DEL_DEST(r2, &(0x7f00000000c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[]}, 0x1, 0x0, 0x0, 0x1}, 0xfffffffffffffffd) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net\x00') fcntl$setstatus(r3, 0x4, 0x4800) r4 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) syz_open_dev$binder(&(0x7f0000000280)='/dev/binder#\x00', 0x0, 0x107fe) mq_open(&(0x7f0000000000)='..\x00', 0x0, 0x0, &(0x7f0000000040)) r5 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r4, 0x6) setsockopt(r5, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) connect$netlink(r3, &(0x7f00000001c0)=@unspec, 0xc) ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r1) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000440)={'bcsh0\x00', &(0x7f0000000740)=ANY=[@ANYBLOB="200000918c0000003ac6a7beef45f1b82a29b374710400000000000000a7431dadbb66a0a63e7ab880e055e213279dbbe709df1772f372894123809e87e04cdea2e149004df07a482924497acfe6d5cd22d44e62d88c82211e7743bc7aa3d17ef6045af447664e38b0ae0012bea70558000000f04578b44155c8e5c441d726e72b687d899abacddbdd02cf6f898e67679322924c6b76f59735a193ddcd5947b89b1f818904b5e7066d3a9b83464bf37d09cf85582f033dc347be952d951f72305ce35387dc8a"]}) r6 = accept(r4, 0x0, &(0x7f0000000580)=0xffffffffffffff70) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) read(r5, &(0x7f0000000480)=""/144, 0x90) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000300)='tls\x00', 0xfffffffffffffea1) setsockopt$sock_timeval(r1, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x2710}, 0x10) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000380)={0x0, 0x600000000000000}, &(0x7f00000003c0)=0x8) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r6, 0x84, 0x78, &(0x7f00000002c0)=r7, 0xffffffffffffff28) [ 3359.798236] EntryControls=0000d1ff ExitControls=002fefff [ 3359.803882] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3359.811308] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3359.819463] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3359.854393] reason=80000021 qualification=0000000000000000 [ 3359.882322] IDTVectoring: info=00000000 errcode=00000000 [ 3359.911532] TSC Offset = 0xfffff8f69af8de1d 23:37:59 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3359.942360] EPT pointer = 0x00000000a626501e [ 3359.970784] *** Guest State *** [ 3359.974097] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:37:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3360.016310] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3360.061803] CR3 = 0x0000000000000000 [ 3360.077449] RSP = 0x0000000000000000 RIP = 0x0000000000008000 23:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) r4 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000000000)={0x400, 0x8}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x2, @dev={0xfe, 0x80, [], 0x22}, 0x7000}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x101}, @in6={0xa, 0x1, 0x0, @remote, 0xffffffffffffffc0}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0x9, @empty, 0x4}, @in6={0xa, 0x4e22, 0x5a, @empty, 0x6}], 0xac) ioctl$KVM_SET_BOOT_CPU_ID(r0, 0xae78, &(0x7f0000000180)=0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:37:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00000000000000) [ 3360.116619] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:37:59 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6488]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3360.158590] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3360.187177] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3360.237454] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3360.294055] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3360.326477] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:37:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xd00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) [ 3360.345608] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3360.388500] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3360.415744] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3360.448161] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3360.480857] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3360.511267] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3360.531116] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3360.537998] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3360.551726] Interruptibility = 00000008 ActivityState = 00000000 [ 3360.558740] *** Host State *** [ 3360.562115] RIP = 0xffffffff811b36f0 RSP = 0xffff8880512e78b8 [ 3360.574381] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3360.581279] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3360.595461] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3360.601528] CR0=0000000080050033 CR3=0000000096058000 CR4=00000000001426e0 [ 3360.614757] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3360.621848] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3360.635264] *** Control State *** [ 3360.639174] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3360.652175] EntryControls=0000d1ff ExitControls=002fefff [ 3360.658016] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3360.666022] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3360.685924] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3360.708566] reason=80000021 qualification=0000000000000000 [ 3360.715127] IDTVectoring: info=00000000 errcode=00000000 [ 3360.735038] TSC Offset = 0xfffff8f660ec9372 [ 3360.741828] EPT pointer = 0x00000000a95ea01e 23:37:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2000, 0x0) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f00000000c0)={0x28, 0x4}, 0x2) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:37:59 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800e]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:37:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0xd90) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@dev, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@loopback}}, &(0x7f0000000000)=0xe8) fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000240)={{{@in=@multicast2, @in=@broadcast, 0x4e21, 0xffff, 0x4e23, 0x6, 0x2, 0x80, 0xa0, 0x11, r4, r5}, {0x2cc9, 0x6, 0xfffffffffffffffd, 0x1000, 0x753, 0x0, 0x8, 0x6}, {0xfffffffffffffff7, 0x0, 0xff}, 0x6, 0x6e6bb3, 0x1, 0x1, 0x3, 0x3}, {{@in6=@empty, 0x4d5, 0xff}, 0xa, @in=@empty, 0x3506, 0x0, 0x1, 0x0, 0x6, 0xb52d, 0x7fff}}, 0xe8) 23:37:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000000000000) 23:37:59 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r2 = getpid() flock(r0, 0x1) socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) wait4(r4, 0x0, 0x80000000, 0x0) [ 3360.923280] *** Guest State *** [ 3360.932528] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:38:00 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8035]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3360.980977] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3361.002009] *** Guest State *** [ 3361.014255] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3361.019285] CR3 = 0x0000000000000000 23:38:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3361.050550] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3361.061113] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3361.078117] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:38:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) [ 3361.100610] CR3 = 0x0000000000000000 [ 3361.107309] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3361.127319] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:38:00 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) mlock2(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3361.148858] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3361.158904] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.170742] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3361.183923] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:00 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3361.203973] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3361.210980] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.245920] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3361.285557] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.295732] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.303718] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.311717] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.311736] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.311755] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3361.311774] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3361.311787] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3361.326580] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3361.360038] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3361.373962] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3361.405838] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3361.419764] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3361.432416] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3361.473041] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3361.497348] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3361.503901] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3361.528708] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3361.543039] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3361.566734] Interruptibility = 00000008 ActivityState = 00000000 [ 3361.583141] *** Host State *** [ 3361.586861] Interruptibility = 00000008 ActivityState = 00000000 [ 3361.593100] *** Host State *** [ 3361.593115] RIP = 0xffffffff811b36f0 RSP = 0xffff888057e4f8b8 [ 3361.593139] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3361.593152] FSBase=00007f97698e9700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 3361.593164] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3361.608015] RIP = 0xffffffff811b36f0 RSP = 0xffff88804d6078b8 [ 3361.635704] CR0=0000000080050033 CR3=0000000059f84000 CR4=00000000001426e0 [ 3361.636375] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3361.643022] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3361.649615] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3361.670078] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3361.677436] CR0=0000000080050033 CR3=0000000080f42000 CR4=00000000001426f0 [ 3361.685300] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3361.695508] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3361.698657] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3361.712088] *** Control State *** [ 3361.715457] *** Control State *** [ 3361.718761] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3361.719086] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3361.728836] EntryControls=0000d1ff ExitControls=002fefff [ 3361.742019] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3361.745450] EntryControls=0000d1ff ExitControls=002fefff [ 3361.760064] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3361.765512] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3361.772235] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3361.785432] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3361.792109] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3361.800219] reason=80000021 qualification=0000000000000000 [ 3361.812913] IDTVectoring: info=00000000 errcode=00000000 [ 3361.815538] reason=80000021 qualification=0000000000000000 [ 3361.835834] TSC Offset = 0xfffff8f5d152d6ee [ 3361.840402] EPT pointer = 0x000000009154801e [ 3361.844930] IDTVectoring: info=00000000 errcode=00000000 [ 3361.855531] TSC Offset = 0xfffff8f5e04ee20c [ 3361.864218] EPT pointer = 0x000000008cb4201e 23:38:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0xd496, 0x400) mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000) sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, 0x0, 0x800, 0x70bd2c, 0x25dfdbfd, {{}, 0x0, 0x8001, 0x0, {0xfffffec2, 0x11, 0x4}}, [""]}, 0xff08}}, 0x24000000) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r4 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9, 0x200000) ioctl$NBD_SET_TIMEOUT(r2, 0xab09, 0x41) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0xeb8f, 0xf13f, 0x5, 0x8, r4, 0x44a6}, 0x2c) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000300)={0x5, 0x7fff, 0x9, 0x8000, 0x7}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x3f}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000100)={0xbc, 0x7, 0x2, 0x9, 0x7}) 23:38:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:01 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0xc2, 0x4000) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000140)={0x9}, 0x1) clone(0x0, &(0x7f0000000080)="1eea77be4ff9fb252848c14d3bd8d08120f0aca415d3539ba10c18f3b378841a2dd9ab821d93ce313c19f2dff1ad1eabcac145b56e302ffb766a90da10599857b8edb5298497cccfd54a2d0a5938b8f3b71d53e8402964a4e460c2eaf9161266a0ea6711aa826f62ec871b3a915471b4768240b79465821e39eead8f489e973e", 0x0, 0x0, 0x0) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r4, 0x8040ae69, &(0x7f0000000040)={0x18000000000000, 0x401, 0xdff, 0x5, 0x6}) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) wait4(r5, 0x0, 0x80000000, 0x0) 23:38:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x1, 0x0) getsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000140)={@local, @rand_addr, 0x0}, &(0x7f0000000180)=0xc) connect$packet(r4, &(0x7f00000001c0)={0x11, 0x11, r5, 0x1, 0x3}, 0x14) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getpeername$inet(r3, &(0x7f0000000000)={0x2, 0x0, @initdev}, &(0x7f00000000c0)=0x10) r6 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$KEYCTL_PKEY_QUERY(0x18, r6, 0x0, &(0x7f0000000280)='/dev/sequencer2\x00', &(0x7f00000002c0)) 23:38:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mknod(&(0x7f00000002c0)='./file0\x00', 0x8280, 0xca) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) write$P9_RVERSION(r3, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x4, 0x6, '9P2000'}, 0x13) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {0xfffffffffffffffc}, {}, {0x0, 0x0, 0xfffffffffffffffc}, {}, {0x1, 0x0, 0x200}, {0x200000}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000280)=0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x3, 0x1, 0x6, 0x7, 0x0, 0x7fff, 0x0, 0x8, 0x6, 0x1, 0x0, 0x2305400000000, 0x8001, 0x7, 0x6, 0x4, 0x4, 0xfffffffffffffffc, 0x100, 0x0, 0x100, 0x3ff, 0x2, 0x5, 0xffffffffffffffff, 0x3, 0x546e, 0xc8, 0x9, 0x80, 0x10001, 0x68e2, 0x6, 0x4, 0x6, 0x81, 0x0, 0x2, 0x7, @perf_config_ext={0x9, 0x6}, 0x0, 0x1, 0xfffffffffffffffc, 0x0, 0xdbfa, 0x3, 0x6}, r5, 0xa, r4, 0x2) 23:38:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:38:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:01 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) r4 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7b, 0x400200) ioctl$CAPI_NCCI_GETUNIT(r4, 0x80044327, &(0x7f0000000080)=0x8) ioctl$KIOCSOUND(r4, 0x4b2f, 0xfffffffffffffff7) wait4(r3, 0x0, 0x80000000, 0x0) [ 3362.052091] *** Guest State *** [ 3362.059704] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3362.113820] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 23:38:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1200000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3362.155931] CR3 = 0x0000000000000000 [ 3362.172704] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3362.178124] *** Guest State *** [ 3362.182629] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3362.195482] RFLAGS=0x00000002 DR7 = 0x0000000000000400 23:38:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8864]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) fcntl$setpipe(r2, 0x407, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000000)=0x4400000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3362.209653] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3362.230062] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.235684] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:38:01 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) r4 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffffffff20a7, 0x109000) msgget$private(0x0, 0x10) ioctl$KVM_PPC_GET_PVINFO(r4, 0x4080aea1, &(0x7f0000000040)=""/14) [ 3362.269378] CR3 = 0x0000000000000000 [ 3362.275192] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3362.278109] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0xfffffffffffffffc [ 3362.303096] SS: sel=0x0200, attr=0x10000, limit=0x00000000, base=0x0000000000000001 23:38:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3362.325531] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3362.341700] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.354484] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3362.386417] FS: sel=0xfffc, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.391224] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3362.410505] *** Guest State *** [ 3362.413793] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3362.428040] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 23:38:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1300000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3362.438104] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.465932] GDTR: limit=0x00000000, base=0x0000000000000000 23:38:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3362.490226] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3362.495802] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.511379] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.539779] CR3 = 0x0000000000000000 [ 3362.555547] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3362.564872] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000200000 [ 3362.570087] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3362.575468] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.596081] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3362.612903] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3362.626316] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.639028] Interruptibility = 00000000 ActivityState = 00000000 [ 3362.647676] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3362.668244] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3362.669109] *** Host State *** [ 3362.676622] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3362.687515] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.692556] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.704948] RIP = 0xffffffff811b36f0 RSP = 0xffff88808ecf78b8 [ 3362.705216] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.721513] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3362.730990] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.732047] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3362.745234] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.753986] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3362.757884] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.770271] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3362.775826] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3362.783293] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.800283] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3362.810244] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.819481] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3362.823316] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3362.835161] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3362.843830] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3362.851210] Interruptibility = 00000008 ActivityState = 00000000 [ 3362.855550] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3362.870295] *** Host State *** [ 3362.875554] CR0=0000000080050033 CR3=00000000a8aca000 CR4=00000000001426e0 [ 3362.883060] RIP = 0xffffffff811b36f0 RSP = 0xffff888057e4f8b8 [ 3362.883784] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3362.893835] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3362.901375] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3362.920102] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3362.923300] FSBase=00007f4b44ed7700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3362.932379] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3362.946092] *** Control State *** [ 3362.955324] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3362.959076] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3362.964392] Interruptibility = 00000008 ActivityState = 00000000 [ 3362.973415] CR0=0000000080050033 CR3=0000000093ed2000 CR4=00000000001426f0 [ 3362.981640] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3362.985498] *** Host State *** [ 3362.995023] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3363.001232] *** Control State *** [ 3363.004811] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3363.005633] EntryControls=0000d3ff ExitControls=002fefff [ 3363.019365] RIP = 0xffffffff811b36f0 RSP = 0xffff88809772f8b8 [ 3363.020563] EntryControls=0000d1ff ExitControls=002fefff [ 3363.035552] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3363.042529] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3363.042539] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.042550] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.065493] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3363.076710] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.080501] reason=80000021 qualification=0000000000000000 [ 3363.090223] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.092652] IDTVectoring: info=00000000 errcode=00000000 [ 3363.102848] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3363.105820] reason=80000021 qualification=0000000000000000 [ 3363.117585] TSC Offset = 0xfffff8f543c53bc7 [ 3363.122003] EPT pointer = 0x00000000a0cae01e [ 3363.131801] IDTVectoring: info=00000000 errcode=00000000 [ 3363.131965] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3363.137500] TSC Offset = 0xfffff8f50ded9d13 [ 3363.165504] EPT pointer = 0x0000000052fa001e [ 3363.171543] CR0=0000000080050033 CR3=000000005ac3d000 CR4=00000000001426f0 [ 3363.179894] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3363.193806] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3363.200331] *** Control State *** [ 3363.203926] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3363.217897] EntryControls=0000d1ff ExitControls=002fefff [ 3363.223496] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3363.234760] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.245507] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.252105] reason=80000021 qualification=0000000000000000 [ 3363.258577] IDTVectoring: info=00000000 errcode=00000000 [ 3363.264031] TSC Offset = 0xfffff8f537308f99 23:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100, 0x8001) ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f00000000c0)={'bcsh0\x00', {0x2, 0x4e20, @broadcast}}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000100)={0x5, 0x0, [{}, {}, {}, {}, {}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:38:02 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000040)={0x0, 0x1, 0x8, [0x6, 0x7, 0x0, 0x5d4a, 0x9, 0x9, 0x9, 0x8]}, &(0x7f0000000080)=0x18) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r1, 0xfffffffffffffff8}, &(0x7f0000000100)=0x8) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) wait4(r4, 0x0, 0x80000000, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000000)) [ 3363.268483] EPT pointer = 0x0000000059a0c01e 23:38:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1400000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:38:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffff]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) flock(r1, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ece, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x3, 0x100) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3363.379124] *** Guest State *** [ 3363.402449] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3363.417031] *** Guest State *** [ 3363.420384] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3363.440991] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:38:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3363.455623] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3363.500730] CR3 = 0x0000000000000000 [ 3363.504586] CR3 = 0x0000000000000000 [ 3363.519203] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3363.525582] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3363.545186] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3363.564578] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3363.583200] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3363.595640] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3363.603639] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:38:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3363.623538] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3363.644359] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 23:38:02 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000000)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3363.693841] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.705198] *** Guest State *** [ 3363.720904] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3363.730587] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.738981] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.747407] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.747427] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.747447] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.747461] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3363.747479] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3363.747493] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3363.747512] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3363.747523] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3363.747536] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3363.747546] Interruptibility = 00000008 ActivityState = 00000000 [ 3363.747551] *** Host State *** [ 3363.747564] RIP = 0xffffffff811b36f0 RSP = 0xffff88804d6078b8 [ 3363.747588] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3363.747601] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3363.747661] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3363.747677] CR0=0000000080050033 CR3=000000009195e000 CR4=00000000001426f0 [ 3363.747693] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3363.747706] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3363.747711] *** Control State *** [ 3363.747721] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3363.747728] EntryControls=0000d1ff ExitControls=002fefff 23:38:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3363.747741] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3363.790608] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3363.865012] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.877516] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3363.920572] CR3 = 0x0000000000000000 [ 3363.924469] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3363.933200] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.939969] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3363.953403] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3363.960447] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3363.963275] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.969069] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3363.996956] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3364.028144] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3364.033512] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3364.050213] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3364.053728] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3364.074308] reason=80000021 qualification=0000000000000000 [ 3364.077852] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3364.085921] IDTVectoring: info=00000000 errcode=00000000 23:38:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3364.101277] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3364.115767] TSC Offset = 0xfffff8f48a709870 [ 3364.120300] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3364.131964] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3364.134379] EPT pointer = 0x0000000084c2701e [ 3364.153040] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3364.173934] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3364.177703] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3364.203261] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3364.224166] Interruptibility = 00000008 ActivityState = 00000000 [ 3364.244030] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3364.252899] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3364.270853] *** Host State *** [ 3364.272179] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3364.298782] RIP = 0xffffffff811b36f0 RSP = 0xffff88808bf378b8 [ 3364.315610] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3364.323232] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3364.329832] Interruptibility = 00000008 ActivityState = 00000000 [ 3364.345550] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3364.353457] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3364.359526] *** Host State *** [ 3364.370573] RIP = 0xffffffff811b36f0 RSP = 0xffff888051dd78b8 [ 3364.376766] CR0=0000000080050033 CR3=00000000a94e5000 CR4=00000000001426e0 [ 3364.386589] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3364.393300] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3364.403830] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3364.419598] *** Control State *** [ 3364.423073] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3364.423082] EntryControls=0000d1ff ExitControls=002fefff [ 3364.423099] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3364.423108] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3364.423120] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3364.433592] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3364.455474] reason=80000021 qualification=0000000000000000 [ 3364.472655] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3364.475429] IDTVectoring: info=00000000 errcode=00000000 [ 3364.483999] TSC Offset = 0xfffff8f48b59bd6f [ 3364.491878] CR0=0000000080050033 CR3=000000005312d000 CR4=00000000001426f0 [ 3364.505481] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3364.512498] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3364.519584] EPT pointer = 0x00000000a4f2401e [ 3364.524375] *** Control State *** [ 3364.528281] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3364.535204] EntryControls=0000d1ff ExitControls=002fefff [ 3364.548647] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3364.561392] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3364.570556] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3364.607397] reason=80000021 qualification=0000000000000000 [ 3364.613841] IDTVectoring: info=00000000 errcode=00000000 [ 3364.638413] TSC Offset = 0xfffff8f46416816b [ 3364.644126] EPT pointer = 0x000000004d48f01e 23:38:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x6, 0x9) socket$inet(0x2, 0x3, 0xbe4e) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:03 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x3a11, 0x10000) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x3000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r2, 0x101, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0xb35c}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x26}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4a352979}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x801}, 0x20000004) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r3 = getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$setownex(r4, 0xf, &(0x7f0000000280)={0x2, r3}) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f00000002c0)=0x0) wait4(r5, 0x0, 0x80000000, 0x0) r6 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) setsockopt$inet6_tcp_TLS_TX(r6, 0x6, 0x1, &(0x7f0000000040), 0x4) 23:38:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1600000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:38:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) poll(&(0x7f0000000000)=[{r0, 0x1404}, {r0}, {r0}, {r0, 0x1140}], 0x4, 0x2) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$sock_rose_SIOCDELRT(r3, 0x890c, &(0x7f0000000280)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x51d1, @null, @rose={'rose', 0x0}, 0x5, [@bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @default]}) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000080)=0x0) migrate_pages(r4, 0x0, &(0x7f00000000c0)=0x5, &(0x7f0000000100)=0x84d5) [ 3364.799474] *** Guest State *** [ 3364.800930] *** Guest State *** [ 3364.807983] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3364.821937] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 23:38:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3364.845613] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3364.854477] CR3 = 0x0000000000000000 [ 3364.865349] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3364.886067] *** Guest State *** 23:38:04 executing program 3: socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r4 = dup3(r1, r0, 0x80000) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0xfff) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x0, 0x0) wait4(r2, 0x0, 0x8, &(0x7f0000000300)) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) r6 = socket(0x1, 0x80005, 0x60) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_NODE_GET(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a2508f0283aeca05e1f2d7a404c63ea14cb8dd5e423255affa3f68a0d1b99a44a33a009482a3750398dc1c484a55d6c9f86dc144b97188d2e6ed9a06fd83591a824d0a469ce022844a20463f560105bd3f85f3663cf481b9a3826891fb71", @ANYRES16=r7, @ANYBLOB="0003de090000fbdbdf250d000000300007000c000300050000000000000008000100008000000800010009000000080002000000000008000100ff0100008400050008000100756470004c0002000800030000000000080003001d010000080003000200000008000400ff0700000800020004000000080001001c000000080002000001000008000200bd06000008000200070000001c0002000800020000000000080001000f00000008000200ff0f0000080005d405850100696200000800010075647000080002000400040008000600040002002000060008000100ff03000008000100010200000000000000000000040002004c00010038000400200001000a004e2300007fff00000000000000000000000000000001200000001400020002004e21000000000000000000000000100001007564703a73797a320000000008000600040002000c00090008000100fa3c0000663880cfd3383e462f709b6acf0a9dae32e300b26f51c6d2a098529fbc4d77799d7a9d465aed28b0a7e31be7daf42b85648cf828e524e411c870427b2e3eed3af35276ee8e4b6b9f31ee012a80104c46a52bc7b350796c39204f9137846459b129e97b7c90ee619b35f2fb4251799756f91eb64a325c8da793665b78dc1b67f106e98dacf9a70f74a066f9dd78c8c40b8e2121b61a9ca7ef726d"], 0x3}, 0x1, 0x0, 0x0, 0x1}, 0x48004) wait4(r5, 0x0, 0x80000000, 0x0) [ 3364.896568] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3364.922907] CR3 = 0x0000000000000000 [ 3364.932724] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3364.937643] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 23:38:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1700000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3364.946885] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3364.964016] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3364.977160] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3364.989023] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3364.990646] CR3 = 0x0000000000000000 23:38:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3365.014088] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3365.016322] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3365.031565] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3365.056899] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3365.064832] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.077575] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.079437] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3365.103912] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.120284] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3365.131611] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.152711] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8060000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3365.166447] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.174904] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.182253] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.187206] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.221171] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.232584] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.244665] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.250939] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1800000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3365.278391] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3365.292446] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.311699] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3365.331584] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.341520] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3365.347893] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3365.357828] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.375553] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.385872] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3365.388655] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.402092] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3365.425761] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.431705] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3365.433875] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.454288] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3365.455120] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3365.475998] Interruptibility = 00000008 ActivityState = 00000000 [ 3365.482181] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3365.495669] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3365.501478] *** Host State *** [ 3365.505560] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3365.510177] RIP = 0xffffffff811b36f0 RSP = 0xffff888051cd78b8 [ 3365.520886] Interruptibility = 00000008 ActivityState = 00000000 [ 3365.528169] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3365.534792] FSBase=00007f97698c8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3365.537226] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3365.549164] *** Host State *** [ 3365.571389] RIP = 0xffffffff811b36f0 RSP = 0xffff8880919bf8b8 [ 3365.579016] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3365.606015] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3365.612463] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3365.620388] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3365.634599] CR0=0000000080050033 CR3=00000000919ea000 CR4=00000000001426f0 [ 3365.656407] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3365.662177] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3365.662417] Interruptibility = 00000000 ActivityState = 00000000 [ 3365.670542] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3365.687681] *** Control State *** [ 3365.691296] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3365.692789] CR0=0000000080050033 CR3=000000009a712000 CR4=00000000001426f0 [ 3365.701674] EntryControls=0000d1ff ExitControls=002fefff [ 3365.714249] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3365.715480] *** Host State *** [ 3365.732192] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3365.736792] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3365.755514] RIP = 0xffffffff811b36f0 RSP = 0xffff88808bf378b8 [ 3365.761543] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3365.766318] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3365.768593] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3365.775014] reason=80000021 qualification=0000000000000000 [ 3365.795654] IDTVectoring: info=00000000 errcode=00000000 [ 3365.795674] *** Control State *** [ 3365.801281] TSC Offset = 0xfffff8f3c0858d85 [ 3365.804664] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3365.814751] EPT pointer = 0x00000000a8f9401e [ 3365.825729] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3365.845665] EntryControls=0000d1ff ExitControls=002fefff 23:38:04 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x40002, 0x0) ioctl$RTC_PIE_ON(r0, 0x7005) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f00000000c0)={0x1, 0x28, [0x17f0, 0x6, 0x8, 0xffffffff, 0x5, 0x6, 0x1, 0x9, 0x7fffffff, 0xfff]}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) write$binfmt_aout(r3, &(0x7f0000000500)={{0x107, 0x3, 0x1, 0x348, 0x1d4, 0x7, 0x301, 0x7}, "db618162bacf9fb4b02c22bf8b9824a9744955237bb7915932d00ae37e2b431bdb86149f602be25c8dfb55d18df8ac947b598871913464def1e44b6c1687c7c045b5d18c3aa780dc3781e38f86bb83252eea7b4c59fd44c87da74b2694fbf03eead44690d99b6e46290301d88af23ebbd767db4ea7448789d28cf20450df7d5c4cc43219ce03361f098275f5fcd4b1bdd1721619a6f15d4095f0037b2962bc52f9e835d5616de34c762cc90c79d731052570dd1721c97bbb60e65900fd95e13f8d5539517504b179bbcdcacbd2e6d32323aab26d4a30c038db6f479d89039090766109862306611a39e39e5b770e2fd0b2a16be00dbcb3f13bf921af427fd892e264dad649a3fa273be0813425a883ebfb87195b7d8d7e0da1d2bd852fda6bffee7c6ec6f0977fed0fbf8c2dcd67a4148eb6f9026f3ebe88d1eed77122dd1557cf63eb8ad30b177970bac87aca8725433d4daa8f0a7b86ebb4ef82d6640163a8ac8cb7dcb890c4dbcb811bceb666d0f87cc8e1b02a2c79180683e608b62b9f449a41615101160ac89d92faecf69528bc459921e39d54f2edf66f7ad02223734c2f67fa3af6d15bd078d715f380c1395d935e904d467877d8858a27b24e53e6dade548e04e93fb7b23749857fab2341da13bb85425e3285d754727e663aa121b0fc6f6320649e467f09cc41c5b3fc9fc82d3f6936ebb20033b94b5018a41ff94af5922dd4d6d546d8cd78235e2f46e150eb20d82cb74312afca8cf7ab1b189b31ed5c08f2f2288acc993a53947d622fa2feccbcac4fd388cab568a8ad83ca3c972a04512240c7c8c9e282e6989657a4b23b8d04a1bd73710900bd06ec1e57ca01a5bfb0645fa9303618d6ae0e6e89abd7f101b0339449e9f7abd66599f9f981ac7f916742dc0d8806145b54740162c01b9e22b2f28666f5fbace9ff1073bd566d7217255c8a1e302a6fd9ff018ca549a236aab353383a9ad978c3fdaaef70002431d9ee6ae8b4bea1db8663b1a58c0ebe41b9a3364970c98a3f294dd55e297f8e9e46d4544695518f5aca687a3aeb5ff22312880a12c2dfdb700d476a286f4e99b16215caa3ceff775f8358c9efd6241ebbd3a94f9e5291a7bf267820f311856ea625714d3169bccd7d9457c991ef3bbedca0c95322b360653ce1d8dd980ef3a6030853e0b2b1eec2ae54c320bcb39bee3995e55fdff4b903c2033229186eea861615644e44b89aacea82f22c94a242c689be1a2df2ddb6d209d55cdde9d988995460c8a1ca1337f9b6380332019d0e0f627894d7809a955af4ebcd775216ba8f7e89ac86fe9ddf66b57463c998990193bb1ca62fd7100ae519f1af6302ef4ef52eee876ce3fd16665b9391b310c0687dec138a199661cdc424c28f19dd45d1a8ffa20ba44d5339661d3916436a87e6c527bf2971a8398247fed59b8b9dae378e5a1e4d7edb6e9257b38501c82c62cde2f742af5b431ba785028636a61dd6b003734ad7938f5504c8f044a5244334eb99292b68d080b740113ffbfa916bb39f382e3fc12ef169336a317ea68bda38d620e56d3e3e92b2e4a70efe6c6840b6fd9081676abc3526cd867be561616ffabfd6a7ee421b9156676539e12d0d4530d32f2291b10d557caa4f0d5c6ad940187c8765110c177453deed615fe687fd3d353814b49bd59e486377ddda8463cef6c8f51d832b6af96fa7e024bc618220639aa6536b8106d8084722bcc8001eedaec740f7de211bb6cdf5c23cc12c8bad926ce80f545566261f67e2207937907c9d606fcbb295910a434fe6501c4a8a01c0f559dd4d1bb490d964f121fed62731e6506e390e7186b976470b1bb12ff0382d86ffbbe6ad981001bc820b6538db332b94f2bd1680210358e043f13d1a044ec3c389dffd7faf65d2469bdca875357dcaa6c34bb649d3f0d045a37779e8cffb28d18883fb37e10c922a442b66c85c3e65d5b9642ab6080ec6cd8cacf4055572f46865fb183c73854e24e4f990abbffc81eeafd0ebe5d3c0b6e2e730e53a02e833be808fb8f1bfc862158c412480a33a982c6ecefa147bc9574c267b0f049cd2b87ddf0b81d16f22931c916216e9f624622923656e9973e48fda50f718a6e9f776471ba0bf7fec2fedc6acfa40f32e28bca2cf60a32bd601bb7a5cceeef08aa7372cdff97838932eeaa9055ab4e6e2230254b075847cf3c59abe7ee3d062d9167fdc7e5dc07a5584cfdca39ead6540b0a1aa731246ff44fadec6e0459b7f152104d49494c8bbcd753cbffd7d0781848b3589ea48096f28e9e8194470773313e3b55900e1993425418328f82978411431c80ac8cb33577bfdb3172ccb610de532ef6849033bbd465d138fbdd15218498a5e8e929163e8bc2ac66064dff42217729cb91cee911ad63cf3201465d770153abe54a4edcdf78472ad0a238bae8cc0593829add538b749a196dec70cdc717396928f24ce4d9d62c689f9557390242e26f7924cb5167beef08edfe8ad62f2e60173fdac2dacd7f43f0dda270be1c7f06b5ef4b784fb78ca1f653357375252bf806f2d496224e23103d5cacdc2bc360645bea9a71cf78a55fb0cbd7a46e3ee4f87ddbfd35d7edc302279911964cb3813d31d89bac768ad256362c0e75a7d2cfbb281739f472a5ac510c4220f1ac7918245808e663764bd00014dda3b43479f64f93324920e5320ee9b898e44a959687a41b8c7c6ae78cb677cb9362391033d4010c7e1265f835dc19f3e5781fbeb57660d4de76e8f11134e8e70613c0c5529a0e1185f05d338650aa78197978d4da66c3d0b47d79f25af03169cf1358a530acb262ff18dd88c40c6106e238bbc1231e468fff88a3d0ac122b1ea6ef2e61e5020af15a762389ae93ca5d27510cde864da1ac0f38c651f6c9f57559a1b4c8c84028898ccc2b2987742216b8bae673bef2578fe4f39ca349404c51f672de4abb25b696fe20e15b56a6ee4d65cb593eccde6c5cff96093dd6a0b1de9258c5958f961cf75edea5df33eaee0debe8fd64a07d333df606d177fbd89b0baca7dc300a9b585993104eab458829bc0cbbe0ca521b5e4d5b1815389a9a5bd782d2cf20e99191bec2bd90daebcc546439a7cbf10195e45e55c76ee1b51d2fe5f3bd4897c70e29c96373077ff3afc37a8b5d2b440680c563a19419f085da68ed07ac00fcf62d83448d4120bf6a0acb72ec8bc9797383dba8f78f4c996d29ed99f2cf4ddd45cbc42f69189ee26c6ebe8114e4de70936c2bd693295f452712630c5e6dae83efd9f996e64e15a5ca3de4d627925cad84dde3ab146a2fb69e218d9ff33988ad8ae86b707231d8667965b8ebe75dabe08d9d953fbbc972591a45afcc4bf0a1786d2ce5ac37c270d6ad1aa19f810316d204965bfc32d71e6d6bd5d141336f5e1280a88436029c391f9b1c05e7b878c3afa06ef732e414dfb7409548e583b12a1fbf4a993a3a90fff2fb9cb1e4f9191f82b216c36a5a6f342bbd32027072bf4faeb0ccbe0b984a3a048e16297216e569b1affb5632afd6f9535003b4a11e3f81954a462407acc2795c0f6f8301c1424197849a390fb0f838bd65e1d66ee5159c0d4d849049bb5d878265872dc302027e0343b69092965219b0174545c4a4e5ba311aa17db1d6f05ce595d18a8c75c74288faa3babe14604060a60ba7a3e980478d4a4730d2c3f1e2e3b30f287fc8befaabcbd1685af926027478a4845fcb15cf90e2889eefa5ef5320fcd492d72d48cf27b61ed8e4e4fe146790a2900b3145cbdf123d2fd8c86df0a5d19dfc9a0c19d31d04d8286929af3f726fe77e0c6a96c38ed56705e553d570365e2ee2beb0dcffe6fe1ba788d033cec6a3bd7b444dbeae9f18cf1e2238f04e6806ab4fee696013f01bf3fab40269b225dd1911c619f325645d0844e942ee724edb79bfc15cfef9e3b098938f2fb20b13e65b3715d490633b2916590bbd51d31479ca560006b1069d9331d2e6011a4f3caf856d11805a9a45017d700415adc21d5feacfc121c039b0b1e0051f45e0e0d2b00ebe922876c448a67de837ff352fba6b718e842fb2f9cb1125e02862008b501d90991b4f168c40678ff0d17398086ee337259944a99662fd1e6f221905247a435fd0e144dbccaef1afa5cf32faa3ee957578b7ad9de350ad05d84432e8149ec75f2dffc384c76e057058aa9b0205b8e818c3655a0677412c6a96c1bed62e8a7c0dfb2eaf62455d13d3c7df4b411a6be1554d0c575490b32564cb4109575dba3de7ec834dc7729498902a0d404b895d41d300da4eed92d5d3443b390e2295c2d4146f3382871ea92e49d2ce101fb4f6a0a840302ef4132551fc80b37ae17d80568c4ac8cf565fc76a513d6b204b1edd52d9077406ea1c4a3057a02fdb1ef11211048bde00b3657406d5e7b1e1cf3cf03243008fd46a0e48e2ef7da93037f285ac31d063a9cbc0475fa16fab85f992e0d73b63ab1dbd19d007082297238d482fb428fbca7f0edab1046ac0361275eaba5bddec46b89754b742bc6dca3f735b59fa3d196247e52b3d97ede8ac3625dbd79defdee6aece20933f6ddb41c0ad868e6d6c688e8b199759d9bb5a4ca102071b6f1ed528776e8a0b6becc8acdd6fa8ab1e81608e422333b2e0454d93bf09fd2f483a81e8ad20d4877cc10953ac8fbde934bfdf6b61126c683ce9398f0e7e58f3e1c6c32010727e0cc4d5d2b301ded668b42bfc8deedd832be4602ec9a3c949842b966aa428d3466bbb65053fd4e260fbf6649f11772c5e69428540f30e5d5dcc9bc0d5e8dcfa97161c9a550773fcd3234b7958e5104795376f4beb3afb034c6c5ff241e724b0696379229770b5c5364276345ce405b7f21b4d870c3834f59a981a73fa2d9ab8bf9c91198a16270358aab90a6004cd7cdffb352ae45cff5f3dc6cb78c1492531b03c5378164aacb175f978370b1e0d2b0e9823304f4ee9d91c69c592f5bd38117c846838ed7351c58c4a7b3ff019f4340d8bbb11bc0b97714e4e1087390e1c2573e0b8c889708bd398c48e762a457d648ed9f7c56ba455b23895f208153971d85398d2d3aae8653d08c501ece5628255cf81e08ca52df41c4ac7cdf12843e27f80b890bfa138210183877c0829b86bab77ef0be562458b5e4fb2df074eee0f0a0231bd8dbe4f15a41021d0fb04586feba3c56fef68752738f383cb9ba987d9236ce733ffff661c7883a2f89abb113d7477c3b4b69db7bbd4a2891b7db853de11f23272fda6e7473617abac96520ad0f02cc67288cb7be554038aedc98a447ecbc5c2daa2d41484f1d4da089bec7b04e5890fedc313ac444fa24d34dbe228db270b159045c772dc2208c082c16d74bc02d280ff387f0fe93c8fd8285786b8a148fb403818dbeb8ee2cb388b39f980f337630bde9164bfa657bb26b46d6cc913ae07ce47c3172c41ec40a5f26a86a05309323d543d104bfa6c4867e3d7055cc11c613b7eb929728dacc769492e8f7a67263270fdde5360322e30cbb20df0c6e94032f4a015391ec539378462be72aff07b723f1af71ccccd7e9801e8a42b14daddf8689b32a27a53fd91a7bfb81998556c5f514762c9932f660caf39633ee3e483e03328c9f672aa2cd098fdba9f2f803c7b44b7b3e0b53494f2a37c728f2ef568063960c7903f68c8874f0446aeaa8c1403350ec5edcf27d15e24dc4a83013b6e4902227533d9717a82188181cfe7d0dd42489cac7e0c6866ba13448ceef82d7b9f639a894e961331e738e2885c44258144207b2c75db3abca996b14c731eb2a373b683e4ec11711c4", [[], [], [], [], [], [], []]}, 0x1720) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000100)) 23:38:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:04 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) listen(r0, 0x80000001) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) wait4(r4, 0x0, 0x80000000, 0x0) [ 3365.851383] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3365.858523] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3365.881843] CR0=0000000080050033 CR3=000000008d5e8000 CR4=00000000001426e0 [ 3365.905572] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3365.912146] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3365.935013] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3365.940002] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3365.974265] *** Control State *** [ 3365.979640] reason=80000021 qualification=0000000000000000 [ 3365.984319] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3366.005711] EntryControls=0000d3ff ExitControls=002fefff [ 3366.013301] IDTVectoring: info=00000000 errcode=00000000 [ 3366.017693] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3366.027844] TSC Offset = 0xfffff8f3c7468bd8 [ 3366.036293] *** Guest State *** [ 3366.045529] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3366.045788] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3366.061284] EPT pointer = 0x000000008f9dd01e [ 3366.063782] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3366.084908] CR3 = 0x0000000000000000 [ 3366.095703] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3366.101158] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3366.109118] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3366.115315] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3366.115724] reason=80000021 qualification=0000000000000000 [ 3366.127935] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3366.145738] IDTVectoring: info=00000000 errcode=00000000 [ 3366.151230] TSC Offset = 0xfffff8f3ca8bec60 [ 3366.154087] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3366.170023] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3366.179610] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3366.192883] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3366.202469] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3366.205426] EPT pointer = 0x00000000512b301e [ 3366.217503] GDTR: limit=0x00000000, base=0x0000000000000000 23:38:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000}, {0x0, 0xd000}, {}, {}, {}, {0x0, 0x2}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000000)=0x5) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3366.232907] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.243562] IDTR: limit=0x00000000, base=0x0000000000000000 23:38:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x8c00) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:05 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r2 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x2, r2}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000002c0)=0x0) tee(r1, r0, 0x680, 0x1) wait4(r4, 0x0, 0x80000000, 0x0) [ 3366.281521] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.302591] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3366.342456] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 23:38:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3366.383988] *** Guest State *** [ 3366.393207] Interruptibility = 00000008 ActivityState = 00000000 [ 3366.400846] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 3366.425759] *** Host State *** [ 3366.433157] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3366.445993] RIP = 0xffffffff811b36f0 RSP = 0xffff888052dcf8b8 [ 3366.480316] CR3 = 0x0000000000000000 [ 3366.487837] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 23:38:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1a00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3366.523476] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3366.529191] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3366.547310] *** Guest State *** [ 3366.557029] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 23:38:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3366.567625] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3366.584325] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.594194] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 3366.598415] FSBase=00007f97698e9700 GSBase=ffff8880ae800000 TRBase=fffffe0000033000 [ 3366.621652] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.634719] CR3 = 0x0000000000000000 [ 3366.648246] SS: sel=0x0000, attr=0x10000, limit=0x0000d000, base=0x0000000000000000 [ 3366.660315] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 3366.667609] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 23:38:05 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) [ 3366.674833] CR0=0000000080050033 CR3=000000004f943000 CR4=00000000001426f0 [ 3366.688427] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3366.695133] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.704600] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3366.726309] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3366.734696] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3366.744599] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.755543] *** Control State *** [ 3366.759192] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.765268] GS: sel=0x0002, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.769318] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3366.781130] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3366.805849] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.814501] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.836232] EntryControls=0000d1ff ExitControls=002fefff [ 3366.841483] IDTR: limit=0x00000002, base=0x0000000000000000 [ 3366.841901] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.858288] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3366.865225] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3366.874620] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.883080] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.903356] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3366.905498] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.910984] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3366.927634] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3366.934238] reason=80000021 qualification=0000000000000000 [ 3366.943196] Interruptibility = 00000000 ActivityState = 00000000 [ 3366.945765] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3366.961284] *** Host State *** [ 3366.973819] IDTVectoring: info=00000000 errcode=00000000 [ 3366.974509] RIP = 0xffffffff811b36f0 RSP = 0xffff888057e4f8b8 [ 3366.979802] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3367.005014] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3367.012228] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3367.021212] TSC Offset = 0xfffff8f321238095 [ 3367.033204] EPT pointer = 0x000000009735d01e [ 3367.044246] FSBase=00007f4b44f19700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3367.059003] IDTR: limit=0x00000000, base=0x0000000000000000 [ 3367.070237] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3367.080392] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3367.091472] CR0=0000000080050033 CR3=000000009e687000 CR4=00000000001426f0 [ 3367.102776] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 3367.117132] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3367.124003] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 23:38:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 23:38:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1b00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:38:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3367.134300] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3367.151559] *** Control State *** [ 3367.155252] Interruptibility = 00000000 ActivityState = 00000000 [ 3367.191292] *** Host State *** [ 3367.215776] RIP = 0xffffffff811b36f0 RSP = 0xffff888054c3f8b8 [ 3367.258017] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3367.264741] FSBase=00007f5ecd0ac700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 3367.264931] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2 [ 3367.312962] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 3367.320750] CR0=0000000080050033 CR3=000000005167a000 CR4=00000000001426f0 [ 3367.333954] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87201360 [ 3367.342142] EntryControls=0000d3ff ExitControls=002fefff [ 3367.356110] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3367.363580] VMEntry: intr_info=80000005 errcode=00000000 ilen=00000000 [ 3367.377047] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3367.383474] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3367.394402] *** Control State *** [ 3367.400701] reason=80000021 qualification=0000000000000000 [ 3367.411210] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3367.420922] IDTVectoring: info=00000000 errcode=00000000 [ 3367.433011] EntryControls=0000d3ff ExitControls=002fefff [ 3367.440932] TSC Offset = 0xfffff8f2f0094aa3 [ 3367.449407] EPT pointer = 0x0000000084b2001e [ 3367.454000] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 3367.463821] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3367.484611] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 3367.495214] reason=80000021 qualification=0000000000000000 [ 3367.503749] IDTVectoring: info=00000000 errcode=00000000 23:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000100)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r3, 0x28, 0x2, &(0x7f00000000c0), 0x8) 23:38:06 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, r0}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=0x0) r3 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000300)="09984376eae4ac337de95b87e76314fd4c2db3cba11309b6a8a010ca577ff538ff470ee1a771a78f499905446dfa33fd11de970dc0553cb22202f4f0e64846dacc9f80b441493777f7bbc0e4e1b0488e8c351de1a32f5cc5ef0aa4f1cf35f4721f64c127c00f6bac9adf08edd7c451d09b1c6d31ed502791d8d426e6e438ca04469bc62bfb63be816634e56c845eb529afaa4e982fac178741793abc18a0a05854bc42a060b4db57d2e9483533077d2542a69088a6af82bed68d0eb48d47757941c1002375ca16f87693", 0xca, 0xfffffffffffffffe) keyctl$invalidate(0x15, r3) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x6f, 0x10200) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000040), &(0x7f0000000080)=0x4) wait4(r2, 0x0, 0x10000080000000, 0x0) [ 3367.513702] TSC Offset = 0xfffff8f2e26a8551 [ 3367.520181] EPT pointer = 0x000000008d30601e 23:38:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 23:38:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1c00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:38:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) ioctl$PPPOEIOCDFWD(r3, 0xb101, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x4, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0xaa13193d7bbde082, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3367.598211] *** Guest State *** [ 3367.606091] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3367.627334] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3367.667008] CR3 = 0x0000000000000000 [ 3367.686867] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3367.708223] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3367.719701] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 3367.739066] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 3367.776743] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43050000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3367.820394] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3367.856505] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:07 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) r1 = getpid() socketpair$unix(0x1, 0x4004000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000280)={0x2, r1}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) wait4(r3, 0x0, 0x80000000, 0x0) lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000100)=[{&(0x7f0000000080)="af501dede4ebe0c2fd409ce6a313d12d9652c48b65346f809ed85e1203a85d6279802bbab6dfe9f039898794921947d7b21dbe5d4241fd5a25e8b4448a63f11db847e15181", 0x45, 0x10001}], 0x2005000, &(0x7f0000000300)={[{@shortname_mixed='shortname=mixed'}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_winnt='shortname=winnt'}, {@shortname_winnt='shortname=winnt'}, {@numtail='nonumtail=0'}, {@utf8='utf8=1'}, {@utf8no='utf8=0'}, {@shortname_win95='shortname=win95'}, {@utf8='utf8=1'}], [{@fsmagic={'fsmagic', 0x3d, 0xffffffff}}, {@dont_hash='dont_hash'}, {@dont_appraise='dont_appraise'}, {@appraise_type='appraise_type=imasig'}, {@fowner_gt={'fowner>', r4}}, {@fsname={'fsname'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]}) 23:38:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) r4 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2) ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000140)='/dev/kvm\x00') ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000000)) r5 = dup3(r2, r2, 0x80000) ioctl$DRM_IOCTL_GET_CAP(r5, 0xc010640c, &(0x7f00000000c0)={0x328, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:38:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="a6a48c39"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1d00000000000000) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 3367.900418] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 3367.925670] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 23:38:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x288240) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000180)=""/210) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)={0xfffffffffffffff9, 0x10000, 0x3f, 0x0, 0x5dd5eab8, 0x101, 0x7, 0x9, 0xffffffffffff9392, 0x80000000, 0x80000000, 0x6, 0x0, 0x80000000, 0x7, 0x8000, 0x4, 0x55f74272, 0x6}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3367.984275] GDTR: limit=0x00000000, base=0x0000000000000000 [ 3368.015677] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3368.024657] IDTR: limit=0x00000000, base=0x0000000000000000 23:38:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1b) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) [ 3368.055956] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 3368.094809] *** Guest State *** [ 3368.094818] EFER = 0x0000000000006000 PAT = 0x0007040600070406 [ 3368.094831] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 3368.110859] CR0: actual=0x0000000000050032, shadow=0x0000000000050012, gh_mask=fffffffffffffff7 [ 3368.140616] Interruptibility = 00000008 ActivityState = 00000000 [ 3368.166177] *** Host State *** [ 3368.176326] RIP = 0xffffffff811b36f0 RSP = 0xffff88805a3178b8 [ 3368.194171] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 3368.204910] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 3368.212995] FSBase=00007f4b44f19700 GSBase=ffff8880ae900000 TRBase=fffffe0000033000 [ 3368.221861] CR3 = 0x0000000000000000 [ 3368.244064] RSP = 0x0000000000000000 RIP = 0x0000000000008000 [ 3368.255896] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 3368.268641] CR0=0000000080050033 CR3=000000009e687000 CR4=00000000001426e0 [ 3368.285599] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87201360 [ 3368.296922] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 3368.307645] ------------[ cut here ]------------ [ 3368.308021] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 3368.312420] kernel BUG at arch/x86/kvm/x86.c:357! [ 3368.335591] ------------[ cut here ]------------ [ 3368.340387] kernel BUG at arch/x86/kvm/x86.c:357! [ 3368.345008] *** Control State *** [ 3368.345274] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 3368.352127] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 3368.354029] CPU: 0 PID: 17303 Comm: syz-executor.2 Not tainted 5.0.0-rc7+ #86 [ 3368.354038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3368.354059] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 3368.354075] Code: e8 9c ce 65 00 41 bd 03 00 00 00 5b 44 89 e8 41 5c 41 5d 5d c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 77 ce 65 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 49 89 d6 41 55 41 54 [ 3368.401140] RSP: 0018:ffff8880919bf3f0 EFLAGS: 00010246 [ 3368.406503] RAX: 0000000000040000 RBX: ffff888097f61600 RCX: ffffc9000cf95000 [ 3368.413770] RDX: 0000000000040000 RSI: ffffffff810a1309 RDI: 0000000000000007 [ 3368.421034] RBP: ffff8880919bf3f0 R08: ffff88804ddb4540 R09: ffff88804ddb4de0 [ 3368.428303] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 3368.435573] R13: 0000000000000000 R14: ffff8880a473e000 R15: ffff888097f64ea8 [ 3368.442851] FS: 00007f97698c8700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 3368.451082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3368.456964] CR2: ffff8880919bf4a0 CR3: 0000000099660000 CR4: 00000000001426f0 [ 3368.464233] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3368.471501] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3368.478765] Call Trace: [ 3368.481366] vmx_vcpu_load+0x474/0xed0 [ 3368.485257] ? handle_ept_misconfig+0x3e0/0x3e0 [ 3368.489927] ? mark_held_locks+0x100/0x100 [ 3368.494165] ? finish_task_switch+0x146/0x790 [ 3368.498662] ? find_held_lock+0x35/0x130 [ 3368.502726] ? finish_task_switch+0x146/0x790 [ 3368.507221] ? mark_held_locks+0xb1/0x100 [ 3368.511381] kvm_arch_vcpu_load+0x1c5/0x890 [ 3368.515705] kvm_sched_in+0x82/0xa0 [ 3368.519345] finish_task_switch+0x28f/0x790 [ 3368.523668] ? __switch_to_asm+0x34/0x70 [ 3368.527726] ? __switch_to_asm+0x40/0x70 [ 3368.531791] __schedule+0x81f/0x1cc0 [ 3368.535509] ? pci_mmcfg_check_reserved+0x170/0x170 [ 3368.540605] ? console_unlock+0x813/0x10a0 [ 3368.544848] ? lockdep_hardirqs_on+0x415/0x5d0 [ 3368.549430] ? trace_hardirqs_on+0x67/0x230 [ 3368.553751] ? preempt_schedule+0x4b/0x60 [ 3368.557900] preempt_schedule_common+0x4f/0xe0 [ 3368.562482] preempt_schedule+0x4b/0x60 [ 3368.566460] ___preempt_schedule+0x16/0x18 [ 3368.570696] ? vprintk_emit+0x2a8/0x6d0 [ 3368.574681] vprintk_emit+0x2ad/0x6d0 [ 3368.578482] vprintk_default+0x28/0x30 [ 3368.582379] vprintk_func+0x7e/0x189 [ 3368.586092] ? vmx_vcpu_run+0xa03/0x3040 [ 3368.590147] printk+0xba/0xed [ 3368.593251] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 3368.598020] ? check_preemption_disabled+0x48/0x290 [ 3368.603042] vmx_handle_exit.cold+0x4a1/0x1338 [ 3368.607638] vcpu_enter_guest+0x128a/0x6290 [ 3368.611963] ? emulator_read_emulated+0x50/0x50 [ 3368.616629] ? lock_acquire+0x16f/0x3f0 [ 3368.620609] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 3368.626067] kvm_arch_vcpu_ioctl_run+0x425/0x16e0 [ 3368.630905] ? kvm_arch_vcpu_ioctl_run+0x425/0x16e0 [ 3368.635925] kvm_vcpu_ioctl+0x4dc/0xfa0 [ 3368.639899] ? kvm_vcpu_block+0xcd0/0xcd0 [ 3368.644050] ? mark_held_locks+0x100/0x100 [ 3368.648294] ? __might_fault+0x12b/0x1e0 [ 3368.652362] ? __fget+0x340/0x540 [ 3368.655813] ? find_held_lock+0x35/0x130 [ 3368.659872] ? __fget+0x340/0x540 [ 3368.663329] ? kvm_vcpu_block+0xcd0/0xcd0 [ 3368.667487] do_vfs_ioctl+0xd6e/0x1390 [ 3368.671379] ? ioctl_preallocate+0x210/0x210 [ 3368.675787] ? smack_file_ioctl+0x196/0x300 [ 3368.680109] ? smack_file_lock+0x240/0x240 [ 3368.684347] ? __fget+0x367/0x540 [ 3368.687803] ? iterate_fd+0x360/0x360 [ 3368.691663] ? nsecs_to_jiffies+0x30/0x30 [ 3368.695824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.701369] ? security_file_ioctl+0x93/0xc0 [ 3368.705774] ksys_ioctl+0xab/0xd0 [ 3368.709223] __x64_sys_ioctl+0x73/0xb0 [ 3368.713108] do_syscall_64+0x103/0x610 [ 3368.716998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3368.722182] RIP: 0033:0x457e29 [ 3368.725378] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3368.744281] RSP: 002b:00007f97698c7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3368.751988] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 3368.759349] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 3368.766617] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3368.773888] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f97698c86d4 [ 3368.781161] R13: 00000000004c0d61 R14: 00000000004d2bb8 R15: 00000000ffffffff [ 3368.788438] Modules linked in: [ 3368.791646] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 3368.791745] ---[ end trace e6569081e81d658e ]--- [ 3368.797024] CPU: 1 PID: 17311 Comm: syz-executor.5 Tainted: G D 5.0.0-rc7+ #86 [ 3368.797034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3368.797059] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 3368.801792] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 3368.810432] Code: e8 9c ce 65 00 41 bd 03 00 00 00 5b 44 89 e8 41 5c 41 5d 5d c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 77 ce 65 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 49 89 d6 41 55 41 54 [ 3368.810440] RSP: 0018:ffff88805100f790 EFLAGS: 00010216 [ 3368.810451] RAX: 0000000000040000 RBX: ffff88804ea55e30 RCX: ffffc90010a75000 [ 3368.810462] RDX: 000000000000044f RSI: ffffffff810a1309 RDI: 0000000000000007 [ 3368.819829] Code: e8 9c ce 65 00 41 bd 03 00 00 00 5b 44 89 e8 41 5c 41 5d 5d c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 77 ce 65 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 49 89 d6 41 55 41 54 [ 3368.824636] RBP: ffff88805100f790 R08: ffff88804fae6040 R09: ffff888050fb3000 [ 3368.829483] RSP: 0018:ffff8880919bf3f0 EFLAGS: 00010246 [ 3368.848365] R10: ffffed100a1f67ff R11: ffff888050fb3fff R12: 1ffff1100a201ef5 [ 3368.848373] R13: ffff888050fb3000 R14: ffff88805100f808 R15: 000000000000ae41 [ 3368.848383] FS: 00007f5ecd08b700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 3368.848391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3368.848403] CR2: 000000001fffff00 CR3: 000000005b226000 CR4: 00000000001426e0 [ 3368.853759] RAX: 0000000000040000 RBX: ffff888097f61600 RCX: ffffc9000cf95000 [ 3368.861017] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3368.861024] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3368.861030] Call Trace: [ 3368.861051] loaded_vmcs_init+0x95/0x250 [ 3368.861065] ? find_msr_entry+0x170/0x170 [ 3368.868347] RDX: 0000000000040000 RSI: ffffffff810a1309 RDI: 0000000000000007 [ 3368.887240] ? memset+0x32/0x40 [ 3368.887257] alloc_loaded_vmcs+0x81/0x170 [ 3368.887273] vmx_create_vcpu+0x24e/0x24dd [ 3368.894538] RBP: ffff8880919bf3f0 R08: ffff88804ddb4540 R09: ffff88804ddb4de0 [ 3368.899902] ? mutex_trylock+0x1e0/0x1e0 [ 3368.899921] ? vmx_exec_control+0x210/0x210 [ 3368.899938] ? wait_for_completion+0x440/0x440 [ 3368.907225] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 3368.914479] kvm_arch_vcpu_create+0x80/0x120 [ 3368.922719] R13: 0000000000000000 R14: ffff8880a473e000 R15: ffff888097f64ea8 [ 3368.928568] kvm_vm_ioctl+0x5ce/0x1900 [ 3368.928585] ? kvm_unregister_device_ops+0x70/0x70 [ 3368.935869] FS: 00007f97698c8700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 3368.943116] ? __lock_acquire+0x53b/0x4700 [ 3368.950407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3368.957662] ? __lock_acquire+0x53b/0x4700 [ 3368.957677] ? mark_held_locks+0x100/0x100 [ 3368.960249] CR2: ffff8880919bf4a0 CR3: 0000000099660000 CR4: 00000000001426f0 [ 3368.964307] ? mark_held_locks+0x100/0x100 [ 3368.968455] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3368.975706] ? kcov_ioctl+0x53/0x210 [ 3368.975726] ? __might_fault+0x12b/0x1e0 [ 3368.975741] ? __fget+0x340/0x540 [ 3368.979014] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3368.983156] ? find_held_lock+0x35/0x130 [ 3368.987306] Kernel panic - not syncing: Fatal exception [ 3368.994546] ? __fget+0x340/0x540 [ 3369.112440] ? kvm_unregister_device_ops+0x70/0x70 [ 3369.117387] do_vfs_ioctl+0xd6e/0x1390 [ 3369.121281] ? ioctl_preallocate+0x210/0x210 [ 3369.125694] ? smack_file_ioctl+0x196/0x300 [ 3369.130024] ? smack_file_lock+0x240/0x240 [ 3369.134256] ? __fget+0x367/0x540 [ 3369.137711] ? iterate_fd+0x360/0x360 [ 3369.141513] ? nsecs_to_jiffies+0x30/0x30 [ 3369.145669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.151212] ? security_file_ioctl+0x93/0xc0 [ 3369.155625] ksys_ioctl+0xab/0xd0 [ 3369.159082] __x64_sys_ioctl+0x73/0xb0 [ 3369.162974] do_syscall_64+0x103/0x610 [ 3369.166868] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3369.172056] RIP: 0033:0x457e29 [ 3369.175253] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3369.194335] RSP: 002b:00007f5ecd08ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3369.202066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 3369.209350] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 3369.216630] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3369.224862] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ecd08b6d4 [ 3369.232147] R13: 00000000004c0924 R14: 00000000004d2738 R15: 00000000ffffffff [ 3369.239427] Modules linked in: [ 3369.243787] Kernel Offset: disabled [ 3369.247416] Rebooting in 86400 seconds..