[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   38.998733] audit: type=1800 audit(1545645388.043:25): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   39.017809] audit: type=1800 audit(1545645388.053:26): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   39.037140] audit: type=1800 audit(1545645388.063:27): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.210' (ECDSA) to the list of known hosts.
2018/12/24 09:56:40 fuzzer started
2018/12/24 09:56:44 dialing manager at 10.128.0.26:35051
2018/12/24 09:56:45 syscalls: 1
2018/12/24 09:56:45 code coverage: enabled
2018/12/24 09:56:45 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/12/24 09:56:45 setuid sandbox: enabled
2018/12/24 09:56:45 namespace sandbox: enabled
2018/12/24 09:56:45 Android sandbox: /sys/fs/selinux/policy does not exist
2018/12/24 09:56:45 fault injection: enabled
2018/12/24 09:56:45 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/12/24 09:56:45 net packet injection: enabled
2018/12/24 09:56:45 net device setup: enabled
09:58:55 executing program 0:
clone(0x20040200, 0x0, 0x0, 0x0, 0x0)
mknod(&(0x7f0000000140)='./file0\x00', 0x1040, 0x0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='clear_refs\x00\xb0Ix\xe6\fK\xa3/\xd7\xb9IqK\xcb\xe8\fW\xafYt|a\xa3\x16\x19\xcb\xaf\xea\x03O[k\xb1S2\x86\v\x9f\x14\xc6T\xd1\x01$\x84\xf5\xc9\xd8\xed\xca\xd2\xf0s\xe0\xcaPx\xfcd\xd3\x8d\x1e){\x9df\xa7\x14R\xb9,\xaegV\x96!n\b\xf2\x1e\x87\xb8\xb5M\xa0\xd1\xb5\xf3\xb4\xd6\xf8\xca\xf3J\x15\xed+,\x98\xfc\xbfX\x12\x97\xb3\x1b\xea\xfa\xff\xb7gx\xa1\x96\xad\x93\xaa=-z\x06r\b\'')
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='syscall\x00')
pipe2(0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
open(0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
creat(&(0x7f0000000200)='./file0\x00', 0x0)

syzkaller login: [  187.323634] IPVS: ftp: loaded support on port[0] = 21
[  188.480670] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.487228] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.495260] device bridge_slave_0 entered promiscuous mode
[  188.574960] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.581482] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.589700] device bridge_slave_1 entered promiscuous mode
[  188.661325] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  188.731320] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  188.946445] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  189.020673] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  189.159706] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  189.166739] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  189.384203] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  189.392544] team0: Port device team_slave_0 added
[  189.463281] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  189.471429] team0: Port device team_slave_1 added
[  189.542711] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  189.618232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  189.691686] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  189.699234] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  189.708273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  189.784809] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  189.792421] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  189.801368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
09:58:59 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
chroot(&(0x7f0000000640)='./file0\x00')
rt_sigpending(&(0x7f00000002c0), 0x8)
lsetxattr$security_smack_transmute(0x0, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000100)='TRUE', 0x4, 0x1)

[  190.374432] ip (6336) used greatest stack depth: 54128 bytes left
[  190.764627] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.771231] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.778337] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.784855] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.793743] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  190.824299] IPVS: ftp: loaded support on port[0] = 21
[  191.161836] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  192.782325] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.788831] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.796954] device bridge_slave_0 entered promiscuous mode
[  192.949654] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.956271] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.964277] device bridge_slave_1 entered promiscuous mode
[  193.097147] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  193.255584] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  193.649627] bond0: Enslaving bond_slave_0 as an active interface with an up link
09:59:02 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="fe8000000000000000000000000000aa000004d56c00000000000000000000000000000000000000fc000000000000005cd7000000000000fdffffffffffffffd60f0000000000000001000000000000000000251e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000063500000a0000171000000000000000010000000900000000000000000000000000000000"], 0x1}, 0x8}, 0x0)

[  193.809585] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  194.300065] IPVS: ftp: loaded support on port[0] = 21
[  194.481877] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  194.490106] team0: Port device team_slave_0 added
[  194.629378] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  194.637788] team0: Port device team_slave_1 added
[  194.805623] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  194.815664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  194.824353] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  194.956819] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  195.110078] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  195.117725] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  195.126686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  195.255473] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  195.263260] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  195.272052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  196.225678] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.736620] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.743207] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.751084] device bridge_slave_0 entered promiscuous mode
[  196.762443] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  196.897501] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.904074] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.910970] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.917547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.926176] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  196.938569] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.945169] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.953122] device bridge_slave_1 entered promiscuous mode
[  197.148200] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  197.293124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  197.335895] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  197.411078] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  197.417566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  197.425398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  197.780247] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  197.930864] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  197.954210] 8021q: adding VLAN 0 to HW filter on device team0
[  198.630660] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  198.638935] team0: Port device team_slave_0 added
[  198.790611] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  198.798953] team0: Port device team_slave_1 added
[  198.972989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  199.150740] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  199.303379] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  199.310980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  199.319904] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  199.480558] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  199.488629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  199.497395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
09:59:09 executing program 3:
ioctl$EXT4_IOC_RESIZE_FS(0xffffffffffffffff, 0x40086610, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

[  200.741928] IPVS: ftp: loaded support on port[0] = 21
[  201.380310] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.386881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.393942] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.400433] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.408979] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  201.415606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
09:59:11 executing program 0:
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x800000009)
getegid()
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001600)='/proc/self/net/pfkey\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001240)={0x1, 0x70, 0x0, 0x0, 0x0, 0xde4d, 0x0, 0x0, 0x1, 0x7, 0x0, 0x7, 0x0, 0x6512dd2a, 0xfffffffffffffffd, 0x3, 0x10001, 0x7ec5, 0x0, 0x9, 0xffffffffffff9a6a, 0x0, 0x0, 0x4, 0x60000000, 0x4b95, 0x5e, 0x2, 0x0, 0xfffffffffffff000, 0x6, 0x2, 0x8, 0xffffffffffffff00, 0x6, 0xc1, 0xffffffffffffffeb, 0x4, 0x0, 0x6, 0x4, @perf_config_ext={0x7, 0x3f}, 0x20, 0xffffffffffff8c04, 0x8001, 0x2, 0x1, 0x0, 0xd8}, 0x0, 0xf, r0, 0x9)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="020af0030700000025bd700000000000050019000000000402004e0300000000000000000000000002004e217f0800010000000000000000"], 0x38}}, 0xc800)

09:59:11 executing program 0:
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="020100021000000000000600000000000800120000ffff00000000000000000006000000000000000000800000000000e00000010700000000000000000035000000000000000000000000ff00000000030006000000000002000004000000bb00000000000000000300050000000000020042256a0ee6f4c5b7751ba64198d6"], 0x80}}, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0)

09:59:11 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='sched\x00')
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000000))
pread64(r0, &(0x7f0000000080)=""/111, 0x6f, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'bridge0\x00'}, 0x18)
ioctl(r1, 0x800000000008982, &(0x7f0000000080))

[  202.665831] 8021q: adding VLAN 0 to HW filter on device bond0
09:59:11 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='sched\x00')
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000000))
pread64(r0, &(0x7f0000000080)=""/111, 0x6f, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'bridge0\x00'}, 0x18)
ioctl(r1, 0x800000000008982, &(0x7f0000000080))

09:59:12 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='sched\x00')
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000000))
pread64(r0, &(0x7f0000000080)=""/111, 0x6f, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'bridge0\x00'}, 0x18)
ioctl(r1, 0x800000000008982, &(0x7f0000000080))

09:59:12 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='sched\x00')
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000000))
pread64(r0, &(0x7f0000000080)=""/111, 0x6f, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'bridge0\x00'}, 0x18)
ioctl(r1, 0x800000000008982, &(0x7f0000000080))

09:59:12 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x2a00003, &(0x7f0000000380)=ANY=[@ANYBLOB="02d16a9c5b5c2a7e6a79e9025920955fe8829933492e3dc0a01c", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="3dbaff00000a00ca1b89b59b5dc0969f7732b078cfff59000000", @ANYRESDEC=0x0, @ANYBLOB="6786"])
stat(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000240))
read$FUSE(r0, &(0x7f00000030c0), 0xffffffe8)
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, 0x1}, 0x50)
open(&(0x7f0000000000)='./file0/file0\x00', 0x40002, 0x0)
read$FUSE(r0, &(0x7f00000020c0), 0x1000)
write$FUSE_DIRENT(r0, &(0x7f0000000500)={0x90, 0x0, 0x2, [{0x0, 0x0, 0xb, 0x0, 'em1nodevem1'}, {0x0, 0x0, 0x1, 0x0, '@'}, {0x0, 0x0, 0x1c, 0x0, '+system\xcccpusetcgroup$cgroup\x15'}]}, 0x90)

[  203.407167] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.413803] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.421827] device bridge_slave_0 entered promiscuous mode
[  203.475958] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
09:59:12 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='oom_score_adj\x00')
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c832, r0, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0x12)

[  203.640130] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.646776] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.654711] device bridge_slave_1 entered promiscuous mode
09:59:12 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
prctl$PR_GET_CHILD_SUBREAPER(0x25)
unshare(0x20400)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x40, 0x0)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000080)={0x5, &(0x7f0000000040)=[{0x8, 0x7, 0x99, 0x8}, {0x800, 0x2501, 0x0, 0x318}, {0x3, 0x5b5, 0x400, 0x7}, {0x5, 0x10001, 0x6, 0x80000000}, {0x40, 0x100, 0x4, 0x15}]})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x26)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)

[  203.812240] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  203.963892] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  203.996321] ip (6910) used greatest stack depth: 54048 bytes left
[  204.130495] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  204.136850] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  204.144520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  204.368308] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  204.462368] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  204.728601] 8021q: adding VLAN 0 to HW filter on device team0
[  204.744943] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  204.751987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  205.138426] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  205.146740] team0: Port device team_slave_0 added
[  205.303898] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  205.312055] team0: Port device team_slave_1 added
[  205.467079] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  205.627638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  205.778881] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  205.786676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  205.795394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  205.960243] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  205.968021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  205.976704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  207.655601] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.677477] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.684088] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.691002] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.697564] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.706459] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  207.713022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  208.135496] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
09:59:17 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
chroot(&(0x7f0000000640)='./file0\x00')
rt_sigpending(&(0x7f00000002c0), 0x8)
lsetxattr$security_smack_transmute(0x0, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000100)='TRUE', 0x4, 0x1)

[  208.581759] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  208.588056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  208.595818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  209.008930] 8021q: adding VLAN 0 to HW filter on device team0
[  211.553592] ip (7232) used greatest stack depth: 53736 bytes left
09:59:21 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000200)='io.bfq.weight\x00', 0x2, 0x0)
sendfile(r0, r1, 0x0, 0x4)

[  212.266841] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.567256] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  212.718126] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  212.724442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  212.731962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  212.883295] 8021q: adding VLAN 0 to HW filter on device team0
09:59:22 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup3(r0, r1, 0x0)

09:59:22 executing program 0:
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./file0\x00')
lgetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_access\x00', &(0x7f0000000280)=""/178, 0x0)

09:59:22 executing program 4:
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)=<r0=>0x0)
process_vm_readv(r0, &(0x7f0000000100)=[{&(0x7f0000000040)=""/154, 0x9a}], 0x1, &(0x7f0000001240)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/219, 0xdb}], 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001280)='cgroup.events\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000012c0)=0x2, 0x4)
ioctl$VIDIOC_G_CROP(r1, 0xc014563b, &(0x7f0000001300)={0xf, {0xffff, 0x401, 0x7, 0x6}})
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000001340)={0xfffffffffffffffc, 0x4, 0x3000}, 0x4)
ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000001380)={'dummy0\x00', {0x2, 0x4e20, @remote}})
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f00000013c0)=0x1)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001680)={{{@in6=@mcast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000001780)=0xe8)
r4 = getgid()
sendmsg$netlink(r1, &(0x7f0000001800)={&(0x7f0000001400)=@proc={0x10, 0x0, 0x25dfdbff, 0x400400}, 0xc, &(0x7f0000001640)=[{&(0x7f0000001440)={0x1c8, 0x26, 0x20, 0x70bd25, 0x25dfdbfb, "", [@generic="ece8a5", @nested={0x128, 0x48, [@generic="ea0333956c8ae97a0e430145a9978069097f1bee2ec45e58b79bdfb45ed3c42d16704069e231e176854398c1682c2214d2c68cc42ad069697b5605946f063cd0def8fc4c09f4e829a5d901a056575ce796af9fe53d45", @generic="7382695a631a38a8f47bcb37843218ed751a114d55decaa166b01c9cfa71ba6db6e85b17aec2888e8acd29dc16f405850405570da82ca8fe81f8592f160366836f3f26db06f5c356cec9259f4f033f68ffe26fcbd501495ce990dd74fa8e448d43f9af52d294eedcf456ac390a779aeeaca04dcd6974a7420ee16f846dc6bf6a95d61b12ee5865b9fa99120757cbb8b459eed6aea71033b0512f1a5d71c8e79da34aa520a6ac89092d24247487a0131d4722ef65d12477ec0a80916c23b2cdad392e9e2aeee02945205917"]}, @nested={0x7c, 0x7a, [@generic="f28edaa4cfb1a1120675972bedac1eeab9de0264c219e53e2f3b05dd5b85ae38451bf1a546e806191497f33236e981a4459bc34e5d1bf2224605827c6853a0f49b84e61a83ed748b0e234121c5d5bcb7178f4e1fe148bda99d7b79876eb95adf68924f463f780a538a9410b7b640c5ef1b72e0f356"]}, @typed={0x4, 0x6f}, @typed={0xc, 0x77, @u64=0x7e}]}, 0x1c8}], 0x1, &(0x7f00000017c0)=[@cred={0x20, 0x1, 0x2, r0, r3, r4}], 0x20, 0x40}, 0x80)
getpeername$inet(r1, &(0x7f0000001840)={0x2, 0x0, @loopback}, &(0x7f0000001880)=0x10)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f00000018c0)={0x0, @multicast2, 0x4e22, 0x2, 'ovf\x00', 0x1, 0x400000000000, 0x2a}, 0x2c)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffd000/0x1000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x2000)=nil)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000001900)={r2, 0x1, 0x6}, 0x10)
ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5)
r5 = accept4$alg(r1, 0x0, 0x0, 0x80800)
ioctl$VIDIOC_G_SELECTION(r1, 0xc040565e, &(0x7f0000001940)={0x6, 0x103, 0x1, {0x0, 0x0, 0x1, 0x5}})
ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f0000001980)={'team_slave_0\x00', {0x2, 0x4e21, @remote}})
getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f00000019c0), 0x2)
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f0000001a00)={0x0, 0x5, 0x4, 0x5c, &(0x7f0000ffc000/0x3000)=nil, 0x4})
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000001a40)={0x3, 0x100000001})
syz_open_dev$sg(&(0x7f0000001a80)='/dev/sg#\x00', 0xffffffff80000001, 0x400002)
syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000001b40)=[@text16={0x10, &(0x7f0000001ac0)="b847000f00d80f0866b9f709000066b80038000066ba000000000f3066b8010000000f01c1640fc76b373e0f2f59000fc72a66b8008800000f23d80f21f86635800000f00f23f866b875b1b9e60f23d80f21f86635800000000f23f80f015f00", 0x60}], 0x1, 0x4c, &(0x7f0000001b80), 0x0)
mkdir(&(0x7f0000001bc0)='./file0\x00', 0x15)
setsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001c00)={r0, r3, r4}, 0xc)
mincore(&(0x7f0000fee000/0x2000)=nil, 0x2000, &(0x7f0000001c40)=""/4096)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000002c40)={0x1a, 0x28, 0x0, 0x15, 0x6, 0xf307, 0x3, 0x81, 0xffffffffffffffff})
getgid()

09:59:22 executing program 2:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x400000000000004, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000340)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @local}}}, 0x108)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000000)={<r1=>0x0, @in={{0x2, 0x4e24, @multicast2}}, [0x20, 0x4, 0x5, 0x200, 0x1, 0x94, 0x7ff, 0x800, 0x5, 0x2, 0x40, 0x7, 0x6, 0x81, 0x5]}, &(0x7f0000000100)=0x100)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140)={r1, 0x204}, 0x8)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)

09:59:22 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
chroot(&(0x7f0000000640)='./file0\x00')
rt_sigpending(&(0x7f00000002c0), 0x8)
lsetxattr$security_smack_transmute(0x0, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000100)='TRUE', 0x4, 0x1)

09:59:22 executing program 5:
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r0=>0xffffffffffffff9c})
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x6, 0x0, [], [{0x4e2490d0, 0xf22, 0x4, 0x5, 0x8001, 0x20}, {0x7fff, 0xff, 0x2, 0x4, 0x8, 0xa8f}], [[], [], [], [], [], []]})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp\x00', 0x101000, 0x0)
getpeername$unix(r1, &(0x7f00000002c0)=@abs, &(0x7f0000000340)=0x6e)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000380)={0x80000001, 0xfffffffffffffff8, 0x7fff, 0x90f, 0x2a8})
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f00000003c0)=0x2063)
ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000400))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={<r2=>0x0, r1, 0x0, 0x3, &(0x7f0000000440)='lo\x00', <r3=>0xffffffffffffffff}, 0x30)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0)=r3, 0x4)
syz_open_procfs$namespace(r2, &(0x7f0000000500)='ns/user\x00')
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000540)="46ed2233340cdaa884bb0583b1e85c41")
r5 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000000580))
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f00000005c0)=r4)
write$P9_RLERROR(r1, &(0x7f0000000600)={0x9, 0x7, 0x2}, 0x9)
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f0000000640)={'mangle\x00', 0x61, "c3b0de98ee650b0a1e54a1588b4e03ff033d2a5a40921c0138c91a7402787a2ce860dd2628c38aefa74ccf45f6d293238ab67b978f1e13048ad987b1cc6653d29bd537fd3066f14bfdfb8188bf99a04381a30d50a6c8963e3649014b18c153eb60"}, &(0x7f0000000700)=0x85)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000780)={0x7001, &(0x7f0000000740), 0x8, r0, 0x4})
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f00000007c0))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
ioctl$IOC_PR_RESERVE(r1, 0x401070c9, &(0x7f0000000800)={0xd11c, 0x3, 0x1})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000008c0)={<r6=>0x0, 0x4c, &(0x7f0000000840)=[@in6={0xa, 0x4e21, 0x8, @mcast2, 0x1}, @in={0x2, 0x4e22, @multicast2}, @in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000900)=0x10)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000940)={r6, 0x7fff, 0x10}, &(0x7f0000000980)=0xc)
prctl$PR_MCE_KILL_GET(0x22)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000009c0)={0x6, @pix={0x8, 0x1, 0x3231564e, 0x4, 0x0, 0xff, 0x0, 0x2, 0x1, 0x7, 0x2, 0x7}})
ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000bc0)=@get={0x1, &(0x7f0000000ac0)=""/242, 0xfffffffffffffff8})
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000c00)='/dev/sequencer\x00', 0x410042, 0x0)
syz_open_procfs$namespace(r2, &(0x7f0000000c40)='ns/pid_for_children\x00')
read(r7, &(0x7f0000000c80)=""/195, 0xc3)
bind$vsock_stream(r7, &(0x7f0000000d80)={0x28, 0x0, 0x2710, @hyper}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

09:59:23 executing program 0:
socketpair$unix(0x1, 0x400000001, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clock_getres(0x3, 0x0)

09:59:23 executing program 2:
socketpair$unix(0x1, 0x400000001, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RATTACH(r1, &(0x7f0000000140)={0x14}, 0x14)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfffffef3)
write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7}, 0x7)

09:59:23 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(anubis)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="285474dae6badf3a960eca58356ed2eb", 0x10)
sendmmsg$alg(r1, &(0x7f00000069c0)=[{0x0, 0x0, 0x0}], 0x1, 0x0)

09:59:23 executing program 0:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '.\x00'}, 0x6e)

09:59:23 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(anubis)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="285474dae6badf3a960eca58356ed2eb", 0x10)
sendmmsg$alg(r1, &(0x7f0000000380)=[{0x0, 0x0, 0x0}], 0x1, 0x0)

09:59:23 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgrcv(0x0, 0x0, 0x0, 0x0, 0xa483ad41a879dde0)

09:59:23 executing program 0:

[  214.496881] IPVS: ftp: loaded support on port[0] = 21
[  214.573222] IPVS: ftp: loaded support on port[0] = 21
09:59:23 executing program 0:

[  215.846127] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.853188] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.861093] device bridge_slave_0 entered promiscuous mode
[  215.877087] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.883779] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.891590] device bridge_slave_0 entered promiscuous mode
[  215.928630] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.935632] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.943562] device bridge_slave_1 entered promiscuous mode
[  215.958464] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.965108] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.973007] device bridge_slave_1 entered promiscuous mode
[  216.011892] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  216.039552] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  216.078588] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  216.108540] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  216.281179] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  216.314729] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  216.351370] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  216.387323] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  216.691306] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  216.699594] team0: Port device team_slave_0 added
[  216.723215] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  216.731407] team0: Port device team_slave_0 added
[  216.768183] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  216.776477] team0: Port device team_slave_1 added
[  216.800685] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  216.809030] team0: Port device team_slave_1 added
[  216.845693] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  216.877519] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  216.921199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  216.950520] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  216.993969] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  217.001524] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  217.010527] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  217.024784] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  217.032365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  217.041189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  217.094700] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  217.102216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  217.111017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  217.125762] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  217.133570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  217.142423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  217.880386] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.886942] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.894167] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.900636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.908906] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  217.921013] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.927555] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.934623] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.941196] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.950451] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  218.572304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  218.580161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  220.752049] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.830796] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.008525] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  221.085836] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  221.267927] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  221.274281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  221.282048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  221.359147] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  221.365632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  221.373399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  221.536215] 8021q: adding VLAN 0 to HW filter on device team0
[  221.631476] 8021q: adding VLAN 0 to HW filter on device team0
09:59:32 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/unix\x00')
read(r0, &(0x7f0000000200)=""/83, 0xfffffdf0)

09:59:32 executing program 3:

09:59:32 executing program 0:

09:59:32 executing program 5:

09:59:32 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
chroot(&(0x7f0000000640)='./file0\x00')
rt_sigpending(&(0x7f00000002c0), 0x8)
lsetxattr$security_smack_transmute(0x0, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000100)='TRUE', 0x4, 0x1)

09:59:32 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10)

09:59:32 executing program 3:

09:59:32 executing program 0:

09:59:32 executing program 4:

09:59:32 executing program 3:

09:59:32 executing program 5:

09:59:32 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-twofish-avx\x00'}, 0x58)
r1 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0a5c2d023c126285718070")
accept(r0, &(0x7f0000000100)=@ax25, 0x0)

09:59:32 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000040)={'bridge0\x00\x00\x00\x00\x80\x00', &(0x7f0000000100)=@ethtool_cmd={0x6, 0x0, 0x707000}})

09:59:32 executing program 2:

09:59:32 executing program 5:

09:59:32 executing program 3:

09:59:33 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
chroot(&(0x7f0000000640)='./file0\x00')
rt_sigpending(&(0x7f00000002c0), 0x8)

09:59:33 executing program 4:

09:59:33 executing program 2:
read(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='cmdline\x00')
readv(0xffffffffffffffff, 0x0, 0x0)
readv(r0, &(0x7f0000000580), 0x3c1)

09:59:33 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='cmdline\x00')
readv(r0, &(0x7f0000002340)=[{&(0x7f0000002380)=""/4096, 0x1000}], 0x257)
readv(r0, &(0x7f0000000580), 0x3c1)

09:59:33 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='cmdline\x00')
readv(0xffffffffffffffff, 0x0, 0x0)
readv(r0, &(0x7f0000000580), 0x3c1)

09:59:33 executing program 0:
pipe(0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffef3)
read(0xffffffffffffffff, &(0x7f0000000200)=""/250, 0x50c7e3e3)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000802, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
read(r0, &(0x7f0000000200)=""/13, 0xfffffffffffffdb4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6_vti0\x00', 0x10)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000580), &(0x7f00000005c0)=0x8)
lstat(0x0, 0x0)
write$FUSE_INTERRUPT(r0, &(0x7f0000000140)={0x10}, 0xfffffd2a)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)

09:59:33 executing program 4:
mmap(&(0x7f000060b000/0x1000)=nil, 0x1000, 0xfffffffffffffffd, 0x40031, 0xffffffffffffffff, 0x0)

09:59:33 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
io_setup(0x3, &(0x7f0000000040)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001a80)=[&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x8, 0x0, r1, 0x0}])

09:59:33 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000))
ppoll(&(0x7f00000000c0)=[{r1}], 0x1, &(0x7f0000000100)={0x0, 0x1c9c380}, 0x0, 0x0)

09:59:33 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040))

09:59:33 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)=0x2)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040))

09:59:33 executing program 5:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x3fffffefb, 0x0, 0x0)
getpgrp(0x0)
gettid()
rt_sigprocmask(0x3, 0x0, 0x0, 0x21c)
r0 = creat(0x0, 0x140)
r1 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0)
write$cgroup_pid(r2, &(0x7f0000000080), 0xfffffe38)
getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000140), &(0x7f0000000240)=0x14)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CLR_FD(r2, 0x4c01)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x660c, 0x0)
r3 = accept4(r1, 0x0, 0x0, 0x800)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0)
ioctl$void(r0, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000940)=0x80000004, 0xfffffffffffffee2)
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000000)={{0x0, @dev={0xac, 0x14, 0x14, 0x1e}, 0x0, 0x3, 'dh\x00', 0x0, 0x7, 0x2b}, {@local, 0x4e24, 0x3, 0x8, 0x3, 0x3}}, 0x44)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x80, @remote}, 0x10)
memfd_create(&(0x7f0000000200)='secur\xee\x00\x00\x00\x00\x00\x00\x00p\xa9cgro\x02p\x00', 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000003c0), &(0x7f0000000400)=0xc)
getresuid(&(0x7f0000000440), &(0x7f0000000680), &(0x7f0000000700))

09:59:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
read(r0, &(0x7f0000000240)=""/11, 0xfffffe72)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)
r2 = gettid()
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
syz_open_dev$sndtimer(0x0, 0x0, 0x240000)
tkill(r2, 0x1000000000016)

09:59:34 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)=0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080))

09:59:34 executing program 4:
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}], 0x1}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, 0x0)
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000780))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_genetlink_get_family_id$tipc2(0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r2, &(0x7f0000000700)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x280}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040004}, 0x804)

09:59:34 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
chroot(&(0x7f0000000640)='./file0\x00')

09:59:34 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:34 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mouse(&(0x7f0000000500)='/dev/input/mouse#\x00', 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[  225.554734] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
09:59:34 executing program 5:
syz_emit_ethernet(0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60a980e900d80000fe0101000000000000000000000000aafe8000000000000000000000000000aa001800000000000000c0013c79500c389895bf5962513a6e8ca730264cd0a19b0079679ee27d9a69864b36def11511c38dcbf5d6bdfe1750835eb3f6fec7d297a8ba53326b1756abebbfea09797c04ec3bbc392f67789292475a7b75314390faa7165e04d9e1b16d6c56ccd122887cc4696caea0572961de04b0eba316d05e4ce24d23d6d9680ba77dd7835700268a10d48dc99f124154140e68233e84dd9a273a3d71f1d9be84390021a0966db5100c90ea36d0e0eed9eea8893b4221d6eee0b9bbeb2dc3a05bc6424f0000000000000000000000089078"], 0x0)

[  225.671450] hrtimer: interrupt took 34785 ns
09:59:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffffe})

[  225.765686] kvm: pic: non byte read
[  225.775556] kvm: pic: non byte read
[  225.803383] kvm: pic: non byte read
[  225.808544] kvm: pic: non byte read
09:59:34 executing program 2:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, 0x0, 0x0)
getpgrp(0x0)
rt_sigprocmask(0x3, 0x0, 0x0, 0x21c)
r0 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0)
write$cgroup_pid(r1, &(0x7f0000000080), 0xfffffe38)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140), &(0x7f0000000240)=0x14)
ioctl$LOOP_CLR_FD(r1, 0x4c01)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x660c, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x800)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0)
ioctl$void(0xffffffffffffffff, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000940)=0x80000004, 0xfffffffffffffee2)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x80, @remote}, 0x10)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000000400))

09:59:34 executing program 3:
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$describe(0x6, r1, &(0x7f0000000200), 0x0)

[  225.843668] kvm: pic: non byte read
[  225.848926] kvm: pic: non byte read
[  225.864441] kvm: pic: non byte read
[  225.900236] kvm: pic: non byte read
[  225.919671] kvm: pic: non byte read
[  225.939225] kvm: pic: non byte read
09:59:35 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x20, 0x10, 0xc362e63b3f31ba5f}, 0x20}}, 0x0)

09:59:35 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000440)={0x0, {}, {0x2, 0x0, @broadcast}, {0x2, 0x0, @remote}, 0xab852ebbe6fbd72e, 0x0, 0x0, 0x0, 0x4, &(0x7f00000000c0)='nr0\x00'})

09:59:35 executing program 0:
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ion\x00', 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000000c0)={0x5, 0x29, 0x0, <r1=>0xffffffffffffffff})
dup2(r0, r1)

09:59:35 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)

[  226.404208] kvm [8003]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000014 data 0x0
[  226.413796] kvm [8003]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000000a data 0x0
09:59:35 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)

09:59:35 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x5000aea5, &(0x7f0000000180)={0x0, 0xfdfdffff})

09:59:35 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

09:59:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000180)={0x7b, 0xfdfdffff, [0x175]})

09:59:35 executing program 0:
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0})

[  226.712707] binder: 8064 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero.
[  226.712732] binder: 8064:8069 ioctl c018620c 20000040 returned -22
09:59:35 executing program 3:
r0 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00\x00\x00\x00\x00\x00\x00\x00\x01', &(0x7f00000000c0)=@ethtool_ringparam={0x10, 0x0, 0x10001, 0x0, 0xfdfdffff}})

09:59:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10, r1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x50, 0x0, &(0x7f0000000400)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @free_buffer], 0x0, 0x10000000, 0x0})

09:59:36 executing program 0:
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000001540)=@raw={'raw\x00', 0x9, 0x3, 0x268, 0x0, 0x138, 0x0, 0x138, 0x0, 0x210, 0x210, 0x210, 0x210, 0x210, 0x3, 0x0, {[{{@ip={@empty, @multicast1, 0xffffff00, 0xff, 'bcsh0\x00', 'veth1_to_bond\x00', {}, {}, 0x7f}, 0x0, 0x98, 0xf8}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x234, 0x0, [0x8, 0x33, 0x3e, 0x34, 0x3e, 0x3f, 0x0, 0x2e, 0x24, 0x1d, 0x0, 0x0, 0x8, 0x25, 0x3c, 0x6]}}}, {{@uncond, 0x0, 0x98, 0xd8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "b258cd8177f5859b0a981ec6e7a6333c42ecda25bf93981ad964cb46d9dd"}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
timer_create(0x0, 0x0, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0xff4a)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x20032600)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a0f, 0x1700)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)

09:59:36 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
clone(0x2102001ff4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(&(0x7f0000000040)=@nullb='%d::]:0.,[\n\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0xc0ed0000, 0x0)

09:59:36 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f00000014c0)=""/148, 0x94}], 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='status\x00')
preadv(r0, &(0x7f0000000480), 0x1000000000000268, 0x0)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)

09:59:36 executing program 3:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x101002)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='0\x00'], 0x2)

[  227.135521] ceph: device name is missing path (no : separator in %d::]:0.,[
[  227.135521] )
09:59:36 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x0)

[  227.185273] binder_alloc: 8104: binder_alloc_buf, no vma
[  227.190893] binder: 8104:8106 transaction failed 29189/-3, size 0-0 line 2973
[  227.378993] binder: undelivered TRANSACTION_ERROR: 29189
09:59:36 executing program 4:
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f0000000380)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in={0x2, 0x0, @local}}}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x201, 0x4)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e22}, 0x1c)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000580)=0x14)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='veno\x00', 0x5)
sendto$inet6(r1, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
getsockname$inet6(r2, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c)
lseek(0xffffffffffffffff, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000340), 0x0}}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000040000))
tkill(r3, 0x401104000000016)

09:59:36 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)

09:59:36 executing program 0:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0xb}}, 0x20)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x201, 0x4)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e22}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'gretap0\x00'})
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='veno\x00', 0x5)
sendto$inet6(r1, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000300)={0xfffffffffffffffe})
lseek(0xffffffffffffffff, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000340), 0x0}}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000040000))
tkill(r2, 0x401104000000016)

09:59:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)=0x2)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000))

09:59:36 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x7002)

09:59:36 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x1ff, 0x1)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000740)="a44a536b6af5aee596dfc4cfeafedcf21f55ea3f6a7ca2e3a9fac2cb499e33bae75a49395d01b3710c4cebc7d1a5bfab17063bc3456e7352c824b74c40c5b3fabe92b0769c4389181f90e79c108b8d7f9aaa270eb89565fe81cc1565cbc1c7b4dc203129ff5f6c05869e99e3d445c68315362c71c73744b1f2ca450d8b3aebdd8adcefacfda76cd09152a6a23d3708604f60ee1db1f0bf29ecc6b53f3796d6d153cde522da6578", 0xa7}], 0x1, 0x0)

09:59:36 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x7002)

09:59:36 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x1ff, 0x1)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000740)="a44a536b6af5aee596dfc4cfeafedcf21f55ea3f6a7ca2e3a9fac2cb499e33bae75a49395d01b3710c4cebc7d1a5bfab17063bc3456e7352c824b74c40c5b3fabe92b0769c4389181f90e79c108b8d7f", 0x50}], 0x1, 0x0)

09:59:36 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uhid\x00', 0x400000002, 0x0)
write$UHID_CREATE(r1, &(0x7f0000001080)={0x0, 'syz1\x00', 'syz1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf8\x00', 'syz0\x00', &(0x7f0000000680)=""/11, 0xb}, 0x120)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000140)=""/231, 0xe7}], 0x1)

09:59:36 executing program 4:
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ppoll(&(0x7f0000000200)=[{r0}], 0x1, &(0x7f0000000240), 0x0, 0x0)

09:59:36 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getrandom(0x0, 0x0, 0x0)
getpeername(r1, &(0x7f00000003c0)=@pppol2tpin6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f00000000c0)=0x80)
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$P9_RCREATE(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, 0x0)
dup2(r0, r2)
getuid()
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x0, 0x0, 0x0)

[  227.893379] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.900322] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.907310] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.914219] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.921048] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.927917] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.934794] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
09:59:37 executing program 0:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_tables_matches\x00')
preadv(r0, &(0x7f00000017c0), 0x1d0, 0x0)

09:59:37 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
dup3(r1, r0, 0x0)
read(r1, 0x0, 0x0)

[  227.941694] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.948512] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.955369] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  227.962212] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  228.091152] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
09:59:37 executing program 5:
socketpair$unix(0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, &(0x7f0000003280))
sched_setaffinity(0x0, 0x8, &(0x7f0000000140))
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_tables_matches\x00')
preadv(r0, &(0x7f00000017c0), 0x1d0, 0x0)

09:59:37 executing program 2:
r0 = socket(0x10, 0x802, 0x0)
write(r0, &(0x7f0000000040)="240000001a0025f0006bb404feff141c020b5aff6e10b500001180cc0800020034a1a55d", 0x24)

09:59:37 executing program 3:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x2d, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="006340400000000000000000000000000000000000000000000000000000000000000000000000000000000004"], 0x0, 0x10000000, 0x0})

09:59:37 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @rand_addr=0x9}}, 0x1c)

09:59:37 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
sendmsg$nl_route(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="b2ce4752a0fc9c167d8e10640eb0611e7673c5bfa4be2c094c0d4e214dfcdc04c9408ef687e4e1ae07b7a4132e7fd7f42c74625adbb1439b5dcdfbc640ce7b736891545bdd39a3a41adfa094a9d64e606d60d102beab18e06916315623e2ec16d1250be4e8da447c979f5e8d1a86a779d4ba"], 0x1}}, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
getpid()
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

[  228.611829] binder: 8174:8175 got transaction with invalid offsets ptr
[  228.618675] binder: 8174:8175 transaction failed 29201/-14, size 0-4 line 3000
09:59:37 executing program 2:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvfrom$packet(r2, &(0x7f00000000c0)=""/203, 0xcb, 0x40000000, 0x0, 0x0)
getpeername(r1, &(0x7f0000000440)=@nfc_llcp, &(0x7f00000004c0)=0x80)
write(r2, &(0x7f0000000080), 0x10000027d)
read(r1, &(0x7f0000000200)=""/250, 0xfffffe24)
ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, &(0x7f0000000300)=""/161)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x13)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000001c0)=<r3=>0x0)
sched_getparam(r3, &(0x7f0000000400))
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000000040)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b0798818c", 0x4d}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000001b40)=[{{0x0, 0x118, &(0x7f0000000240), 0x0, 0x0, 0x26085d6cce6967cc}}], 0x4000056, 0x3a, &(0x7f0000000200)={0x77359400})

09:59:37 executing program 5:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000140)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f)
write(r0, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305010008000100020423dcffdf00", 0x1f)

09:59:37 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0)
dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, 0x0)
mlockall(0x0)
ioctl$TIOCSPGRP(r0, 0x5451, 0x0)

09:59:37 executing program 3:
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x40, 0x0)
ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, 0x0)
close(r0)
r1 = open(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
connect(r1, &(0x7f0000000000)=@nfc={0x27, 0x1, 0x0, 0x7}, 0x80)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080))
shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff9000/0x4000)=nil)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, 0x0)
sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

[  228.850591] binder: undelivered TRANSACTION_ERROR: 29201
[  228.904171] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  228.914874] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  228.922449] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'.
[  228.931053] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  228.938569] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'.
09:59:38 executing program 0:
r0 = open(&(0x7f0000000200)='./file0\x00', 0x14104a, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f0000000080)=[{{}, 0x1, 0x74, 0x2}, {}], 0xfcf2)
sendfile(r1, r0, &(0x7f0000000000), 0x100000001)

[  228.950104] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  228.960850] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  228.968442] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'.
[  228.987365] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  228.987429] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
09:59:38 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_cache\x00')
sendfile(r0, r1, 0x0, 0x80000002)

[  229.036833] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  229.044457] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'.
09:59:38 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
getpid()
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

[  229.107351] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  229.115078] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'.
[  229.138906] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  229.146661] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'.
09:59:38 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @local, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @remote={0xac, 0x14, 0x223}}, @icmp=@timestamp_reply={0x44, 0x5}}}}}, 0x0)

[  229.206202] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  229.216651] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  229.227085] netlink: 'syz-executor2': attribute type 29 has an invalid length.
[  229.253839] netlink: 'syz-executor2': attribute type 29 has an invalid length.
09:59:38 executing program 3:
r0 = open(&(0x7f0000000200)='./file0\x00', 0x14104a, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x2)
write$evdev(r0, &(0x7f0000000080)=[{}], 0x18)
sendfile(r1, r0, &(0x7f0000000000), 0x100000001)

09:59:38 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:38 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:38 executing program 5:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x100, 0x2081, 0x20000000000001, 0x1, 0x0}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000080), 0x0}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f0000000080), 0x0}, 0x20)

09:59:39 executing program 2:
r0 = socket$inet6(0xa, 0x803, 0x3)
ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070")
r1 = socket(0xa, 0x5, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000200)={0x1, 'bridge_slave_1\x00'}, 0x18)

09:59:39 executing program 3:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r1 = dup(r0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1)
lstat(0x0, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5419, 0x0)

09:59:39 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:39 executing program 5:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x100, 0x2081, 0x20000000000001, 0x1, 0x0}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000080), 0x0}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f0000000080), 0x0}, 0x20)

09:59:39 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
getpid()
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:39 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000040)={'bridge0\x00\x00\x00\x00\x80\x00', &(0x7f0000000100)=@ethtool_cmd={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a0ffffffff}})

[  230.231787] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_1, syncid = 0, id = 0
09:59:39 executing program 5:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f000089b000)=0xffffffffffffffff, 0x4)
r1 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0a5c2d023c126285718070")
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c)

09:59:39 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
ioctl$void(r0, 0x5451)
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
epoll_create1(0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0)

09:59:39 executing program 3:
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
getgid()
listen(r1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
r2 = accept(r1, 0x0, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0)
fstat(r2, &(0x7f0000001540))
writev(0xffffffffffffffff, 0x0, 0x0)

09:59:39 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:39 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000380)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;<\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xc6\x0f\xd7\x14\x0f\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4N')
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x802})
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r3, 0x1, 0x1, 0x0, 0x0}, 0x20)
recvmsg(r1, &(0x7f0000003f80)={0x0, 0x0, &(0x7f0000003f00), 0x0, 0x0, 0x0, 0x16a571d0}, 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, 0x0)
gettid()
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="006d656d6f7279200003000000202d6d88646f7279200072646d61c3fc3672fad4b5ae5367990b3700c51290728756f5d905277153e183bd2e04e9146e06d98bc2e0f8b37aa8ea0f6a2dcfc512b26df0d6a4533d79589c2845bae1fb73612b9acc6cbfb24cf118cb584162fc7981550a404ae83948d972e62dbd9a296da7e3c00d66453a32b9f5a099b29c30b50e9c79bf78d12f4f9af141f7819bde0cc285ed91bfac6829c5406666811540a4600e2139590cca7e40e15c6292088c9fe7e78c8d8a268246c130d0f7ae2926f4"], 0xcd)

09:59:39 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
ioctl$int_out(r1, 0x2, &(0x7f0000000280))
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:39 executing program 3:
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg(r0, &(0x7f0000000f80)={&(0x7f0000000c80)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0}, 0x20000000)

09:59:39 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
getpid()
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:39 executing program 3:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socket$kcm(0x11, 0x3, 0x300)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x1b, &(0x7f0000000080)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000000095000000000000006f6d3624ef0d3562f5a226edd7c27cdd10e4f1f0ab055337e837b64f9776acc4c9214d612db02d66757c5c01df72bfd4c4fe6473e203d5bfa57044aba9bc40364e87d7e017d2c26ad88441b16ec5b9b7033b6dd277b49c2007f1bd80103620f74ab43d3805f72575f621775c893c884188fea2324dc1e249a7699d89bcdc4680cb115e302387622c41d5"], 0x0}, 0x48)
close(r1)

09:59:39 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:40 executing program 3:
r0 = socket$inet6(0xa, 0x40000000000803, 0x3)
ioctl(r0, 0x1000008912, &(0x7f0000000480)="0a5c2d023c126285718070")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa271d9531720601cc0dc2652b00140000fe8000000000aafefeffffffffffffb5ffff"], 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151)
connect$inet6(r1, &(0x7f0000000180), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000100), 0x28)
sendto$inet6(r1, &(0x7f00000001c0)="ad", 0x1, 0x0, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)

09:59:40 executing program 3:
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x0, 0x0, @local, @local, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:59:40 executing program 5:
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0})

09:59:40 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
getpid()
sendfile(r0, r1, 0x0, 0x80000002)

09:59:40 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)

09:59:40 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
write$P9_RXATTRCREATE(0xffffffffffffffff, 0x0, 0x0)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000140))
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f4, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
epoll_pwait(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
lstat(0x0, 0x0)
io_setup(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000840)=<r2=>0x0)
capset(&(0x7f0000000880), 0x0)
socket$unix(0x1, 0x0, 0x0)
getgroups(0x0, 0x0)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, 0x0)
ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, 0x0)
io_submit(0x0, 0x0, 0x0)
getpgrp(r2)

[  231.324701] binder: 8318 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero.
[  231.324726] binder: 8318:8320 ioctl c018620c 20000040 returned -22
09:59:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4004ae86, &(0x7f0000000000))

09:59:40 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000080))
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:40 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000840)='/dev/fuse\x00', 0x2, 0x0)
ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000380)={&(0x7f0000be1000/0x2000)=nil, 0x2000})
shmget$private(0x0, 0x1000, 0x8, &(0x7f0000fff000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000003c0)}}, 0x20)
readv(r2, &(0x7f0000001900)=[{&(0x7f0000000680)=""/235, 0xeb}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000000500)=""/3, 0x3}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x4)
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000480)={0x0, 0x8000}, &(0x7f0000000440)=0x8)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x401, 0x482101)
ioctl$EVIOCSMASK(r3, 0x40104593, 0x0)
mmap$binder(&(0x7f00009ea000/0x2000)=nil, 0x2000, 0xfffffefffffffffd, 0x200000000000010, 0xffffffffffffffff, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000640)=@random={'security.', '\x00'})
fremovexattr(r2, &(0x7f00000001c0)=@known='system.posix_acl_access\x00')
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000080))
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000340), &(0x7f0000000300)=0xc)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000100)={0x0, 0xffffffffffffffff}, &(0x7f0000000040)=0x8)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00010, 0x1, &(0x7f00000000c0)=0x37000000, 0x1, 0x2000000000002)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x0, 0x7}}, 0x20)
ioctl$DRM_IOCTL_CONTROL(r3, 0x40086414, &(0x7f0000000180)={0x3})
ioctl(r0, 0xc5, 0x0)

09:59:40 executing program 5:
creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount$fuseblk(&(0x7f0000000100)='/dev/loop0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='fuseblk\x00', 0x0, 0x0)

09:59:40 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)

09:59:40 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

[  231.669905] mmap: syz-executor3 (8328) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
09:59:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4004ae86, 0x0)

09:59:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
r1 = socket(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000300)={0xa, 0x0, 0x0, @ipv4={[0xfeffffff], [], @loopback}}, 0x1c)

09:59:41 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)

09:59:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))

09:59:41 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x1c})

09:59:41 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:41 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:41 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
r6 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:42 executing program 5:
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')

09:59:42 executing program 2:
r0 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0xffffffffffffffff, 0x2)
close(r1)

09:59:42 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:42 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000840)='/dev/fuse\x00', 0x2, 0x0)
ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000380)={&(0x7f0000be1000/0x2000)=nil, 0x2000})
shmget$private(0x0, 0x1000, 0x8, &(0x7f0000fff000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000003c0)}}, 0x20)
readv(r2, &(0x7f0000001900)=[{&(0x7f0000000680)=""/235, 0xeb}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000000500)=""/3, 0x3}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x4)
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000480)={0x0, 0x8000}, &(0x7f0000000440)=0x8)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x401, 0x482101)
ioctl$EVIOCSMASK(r3, 0x40104593, 0x0)
mmap$binder(&(0x7f00009ea000/0x2000)=nil, 0x2000, 0xfffffefffffffffd, 0x200000000000010, 0xffffffffffffffff, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000640)=@random={'security.', '\x00'})
fremovexattr(r2, &(0x7f00000001c0)=@known='system.posix_acl_access\x00')
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000080))
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000340), &(0x7f0000000300)=0xc)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000100)={0x0, 0xffffffffffffffff}, &(0x7f0000000040)=0x8)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00010, 0x1, &(0x7f00000000c0)=0x37000000, 0x1, 0x2000000000002)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x0, 0x7}}, 0x20)
ioctl$DRM_IOCTL_CONTROL(r3, 0x40086414, &(0x7f0000000180)={0x3})
ioctl(r0, 0xc5, 0x0)

09:59:42 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:42 executing program 5:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getrusage(0x0, &(0x7f0000000000))

09:59:42 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:42 executing program 2:
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

09:59:42 executing program 5:
openat(0xffffffffffffffff, &(0x7f0000000040)='/', 0x200, 0x8)

[  233.402214] binder: 8401:8403 ioctl c018620c 20000040 returned -1
09:59:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:42 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  233.593790] *** Guest State ***
[  233.597216] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  233.606425] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  233.615400] CR3 = 0x0000000000000000
[  233.619155] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  233.625285] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  233.631298] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  233.638082] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  233.646202] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  233.654273] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  233.662337] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  233.670355] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  233.678523] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
09:59:42 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_int(r3, 0x107, 0x10, &(0x7f0000000380)=0x9, 0x4)
r5 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:42 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040))

[  233.686601] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  233.694676] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  233.702737] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  233.710745] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  233.718806] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  233.725377] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  233.733067] Interruptibility = 00000000  ActivityState = 00000000
[  233.739328] *** Host State ***
[  233.742613] RIP = 0xffffffff812b177c  RSP = 0xffff8881315ff380
[  233.748645] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  233.755151] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  233.763054] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  233.768983] CR0=0000000080050033 CR3=0000000172086000 CR4=00000000001426f0
[  233.776215] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  233.782972] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  233.789139] *** Control State ***
[  233.792737] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  233.799438] EntryControls=0000d1ff ExitControls=002fefff
[  233.804979] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  233.811990] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  233.818699] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  233.825361]         reason=80000021 qualification=0000000000000000
[  233.831757] IDTVectoring: info=00000000 errcode=00000000
[  233.837236] TSC Offset = 0xffffff7ede836708
[  233.841580] TPR Threshold = 0x00
[  233.845028] EPT pointer = 0x0000000172db401e
09:59:42 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:43 executing program 2:
r0 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
r2 = socket(0x100840000000002, 0x3, 0x1f)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x5a)
connect$inet(r1, &(0x7f0000593000)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10)

09:59:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:43 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:43 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040), 0x0, 0x0)

09:59:43 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

[  234.645668] *** Guest State ***
[  234.649081] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  234.658787] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  234.667729] CR3 = 0x0000000000000000
[  234.671471] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  234.677628] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  234.683801] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
09:59:43 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  234.690549] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  234.698638] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  234.706813] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  234.714878] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  234.722962] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  234.731005] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  234.739201] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  234.747380] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  234.756019] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  234.764155] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  234.772226] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  234.778666] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  234.786241] Interruptibility = 00000000  ActivityState = 00000000
[  234.792554] *** Host State ***
[  234.795785] RIP = 0xffffffff812b177c  RSP = 0xffff8881327df380
[  234.801877] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  234.808323] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  234.816239] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  234.822254] CR0=0000000080050033 CR3=000000012f995000 CR4=00000000001426f0
[  234.829313] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  234.836150] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  234.842298] *** Control State ***
[  234.845787] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  234.852580] EntryControls=0000d1ff ExitControls=002fefff
[  234.858086] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  234.865167] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  234.871932] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  234.878637]         reason=80000021 qualification=0000000000000000
[  234.885083] IDTVectoring: info=00000000 errcode=00000000
[  234.890576] TSC Offset = 0xffffff7e4c458ff4
09:59:43 executing program 2:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})

09:59:43 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  234.895028] TPR Threshold = 0x00
[  234.898436] EPT pointer = 0x00000001718eb01e
09:59:44 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:44 executing program 2:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x30)

09:59:44 executing program 3:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x0, 0x0, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0x0, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"})

09:59:44 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000001, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000140)={'bridge0\x00\x00\x00\x00\x80\x00', &(0x7f0000000240)=@ethtool_cmd={0x12}})

09:59:44 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:44 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:44 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000001, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000140)={'bridge0\x00\x00\x00\x00\x80\x00', &(0x7f0000000240)=@ethtool_cmd={0x12, 0x0, 0x709000, 0x0, 0x0, 0x0, 0x2}})

09:59:44 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

[  235.421291] *** Guest State ***
[  235.424848] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  235.433819] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  235.442741] CR3 = 0x0000000000000000
[  235.448914] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  235.455051] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  235.461159] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  235.467957] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  235.476055] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  235.484175] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  235.492247] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  235.500381] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  235.508500] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
09:59:44 executing program 3:

[  235.516563] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  235.524675] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  235.532748] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  235.540764] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  235.548877] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  235.555375] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  235.562942] Interruptibility = 00000000  ActivityState = 00000000
09:59:44 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  235.569201] *** Host State ***
[  235.572516] RIP = 0xffffffff812b177c  RSP = 0xffff88819c58f380
[  235.578552] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  235.585109] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  235.593005] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  235.598936] CR0=0000000080050033 CR3=000000012ea7f000 CR4=00000000001426e0
[  235.606081] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  235.612847] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  235.619068] *** Control State ***
[  235.622673] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  235.629367] EntryControls=0000d1ff ExitControls=002fefff
[  235.634947] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  235.641976] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  235.648674] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  235.655374]         reason=80000021 qualification=0000000000000000
[  235.661778] IDTVectoring: info=00000000 errcode=00000000
[  235.667258] TSC Offset = 0xffffff7de2bbbd6e
09:59:44 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000080), 0x12)

[  235.671687] TPR Threshold = 0x00
[  235.675080] EPT pointer = 0x000000017244101e
09:59:45 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
r3 = accept(r2, 0x0, &(0x7f0000000200))
r4 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540)='tls\x00', 0x4)
r5 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:45 executing program 3:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, 0x0)
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)

09:59:45 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)

09:59:45 executing program 2:
socket$inet6(0xa, 0x0, 0x0)
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0x0, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"})
ioctl(0xffffffffffffffff, 0x0, 0x0)

09:59:45 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:45 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)

[  236.160385] *** Guest State ***
[  236.163913] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  236.172902] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  236.181827] CR3 = 0x0000000000000000
[  236.185574] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  236.191583] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  236.197696] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  236.204509] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  236.212585] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.220691] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.228763] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.236840] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.245471] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
09:59:45 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)=ANY=[], 0xffffff3e)
fallocate(r2, 0x10, 0x0, 0xcd55)
close(r2)
fdatasync(r1)

[  236.253533] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  236.261577] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  236.269691] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  236.277779] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  236.286048] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  236.292560] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  236.300056] Interruptibility = 00000000  ActivityState = 00000000
[  236.306405] *** Host State ***
[  236.309637] RIP = 0xffffffff812b177c  RSP = 0xffff888172ebf380
[  236.315749] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  236.322246] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  236.330080] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  236.336095] CR0=0000000080050033 CR3=000000013115d000 CR4=00000000001426e0
[  236.343235] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  236.349936] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  236.356108] *** Control State ***
[  236.359595] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  236.366357] EntryControls=0000d1ff ExitControls=002fefff
[  236.371897] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  236.378854] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  236.385749] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  236.392412]         reason=80000021 qualification=0000000000000000
[  236.398766] IDTVectoring: info=00000000 errcode=00000000
[  236.404319] TSC Offset = 0xffffff7d7e95150c
[  236.408669] TPR Threshold = 0x00
[  236.412174] EPT pointer = 0x000000013012a01e
09:59:45 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)

09:59:45 executing program 2:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, 0x0)
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)

09:59:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:45 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)

[  236.822694] *** Guest State ***
[  236.826230] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  236.835274] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  236.844198] CR3 = 0x0000000000000000
[  236.847940] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  236.854005] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  236.860025] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  236.866838] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  236.874943] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.883029] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.891064] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.899174] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.907351] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  236.915432] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  236.923516] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  236.931522] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  236.939614] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  236.947690] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  236.954192] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  236.961728] Interruptibility = 00000000  ActivityState = 00000000
[  236.967976] *** Host State ***
[  236.971202] RIP = 0xffffffff812b177c  RSP = 0xffff88812e3df380
[  236.977332] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  236.983860] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  236.991800] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  236.997728] CR0=0000000080050033 CR3=000000012d743000 CR4=00000000001426f0
[  237.004903] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  237.011701] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  237.017786] *** Control State ***
[  237.021275] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  237.028082] EntryControls=0000d1ff ExitControls=002fefff
[  237.033637] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  237.040600] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  237.047407] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  237.054099]         reason=80000021 qualification=0000000000000000
[  237.060557] IDTVectoring: info=00000000 errcode=00000000
[  237.066149] TSC Offset = 0xffffff7d2287d72f
[  237.070495] TPR Threshold = 0x00
[  237.073980] EPT pointer = 0x000000012a4ed01e
09:59:46 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
accept(r2, 0x0, &(0x7f0000000200))
r3 = dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
ioctl$TCSETSW(r3, 0x5403, &(0x7f00000003c0)={0x9, 0x0, 0x10001, 0x3, 0x1, 0x422, 0x8, 0xffff, 0x80000000, 0x1, 0x0, 0x20})
r4 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:46 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:46 executing program 2:

09:59:46 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)

09:59:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:46 executing program 2:

09:59:46 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)

09:59:46 executing program 3:

09:59:46 executing program 0:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:46 executing program 2:

09:59:46 executing program 3:

09:59:46 executing program 3:

09:59:47 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
mount(&(0x7f0000000500)=@filename='./file0\x00', 0x0, &(0x7f0000000580)='nfs\x00', 0x8a, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:47 executing program 2:

09:59:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:47 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x80000002)

09:59:47 executing program 3:

09:59:47 executing program 0:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:47 executing program 3:

09:59:47 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendfile(0xffffffffffffffff, r0, 0x0, 0x80000002)

09:59:47 executing program 2:

09:59:47 executing program 3:

09:59:47 executing program 0:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:47 executing program 2:

09:59:48 executing program 4:
r0 = socket(0x0, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:48 executing program 3:

09:59:48 executing program 2:

09:59:48 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:48 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:48 executing program 3:

09:59:48 executing program 2:

09:59:48 executing program 4:
r0 = socket(0x10, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:48 executing program 2:

09:59:48 executing program 3:

09:59:48 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:48 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:48 executing program 2:

09:59:48 executing program 3:

09:59:48 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:49 executing program 2:

09:59:49 executing program 3:

09:59:49 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:49 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:49 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
accept(r1, 0x0, &(0x7f0000000200))
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  240.140818] *** Guest State ***
[  240.144334] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  240.153339] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  240.162260] CR3 = 0x0000000000000000
[  240.166005] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  240.172073] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  240.178090] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
09:59:49 executing program 2:

[  240.184931] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  240.193003] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.201573] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.209674] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.217833] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.225907] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
09:59:49 executing program 3:

[  240.233967] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  240.242575] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  240.250601] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  240.258696] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  240.266789] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  240.273301] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  240.280781] Interruptibility = 00000000  ActivityState = 00000000
[  240.287172] *** Host State ***
[  240.290404] RIP = 0xffffffff812b177c  RSP = 0xffff88812ec1f380
[  240.296506] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  240.303119] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  240.310947] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  240.316921] CR0=0000000080050033 CR3=000000012e84c000 CR4=00000000001426e0
[  240.324025] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  240.330730] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  240.336891] *** Control State ***
09:59:49 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="fe8000000000000000000000000000aa000000006c0000000000000000000000000000000000000000000000000000000003e445f800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000585a63fa0000000000000000000000000000000000000000000089c9d238c04a523ed4550c991ce94e38f9da66ed44569ca1dd0ed96e28ae70bf40e9ae63d61b4b62d928cb5506df9a8ea82f28c99a754d615e000000000000"], 0x1}, 0x8}, 0x0)

[  240.340375] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  240.347154] EntryControls=0000d1ff ExitControls=002fefff
[  240.352697] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  240.359659] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  240.366439] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  240.373115]         reason=80000021 qualification=0000000000000000
[  240.379468] IDTVectoring: info=00000000 errcode=00000000
[  240.385055] TSC Offset = 0xffffff7b5be2d9b2
09:59:49 executing program 3:

[  240.389402] TPR Threshold = 0x08
[  240.392867] EPT pointer = 0x000000012e26601e
09:59:49 executing program 2:

09:59:49 executing program 0:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:49 executing program 3:

09:59:49 executing program 2:

[  240.747854] *** Guest State ***
[  240.751352] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  240.760341] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  240.769289] CR3 = 0x0000000000000000
[  240.773105] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  240.779112] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  240.785216] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  240.792016] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  240.800046] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.808160] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.816255] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.824342] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.832432] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  240.840445] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  240.848545] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  240.856716] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  240.864804] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  240.872883] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  240.879325] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  240.886885] Interruptibility = 00000000  ActivityState = 00000000
[  240.893353] *** Host State ***
[  240.896587] RIP = 0xffffffff812b177c  RSP = 0xffff8881724ff380
[  240.902689] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  240.909158] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  240.917068] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  240.923089] CR0=0000000080050033 CR3=000000012e5fe000 CR4=00000000001426f0
[  240.930431] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  240.937321] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  240.943481] *** Control State ***
09:59:49 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

[  240.946965] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  240.953825] EntryControls=0000d1ff ExitControls=002fefff
[  240.959440] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  240.967355] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  240.974161] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  240.980881]         reason=80000021 qualification=0000000000000000
[  240.987339] IDTVectoring: info=00000000 errcode=00000000
[  240.992882] TSC Offset = 0xffffff7b08286eae
[  240.997233] TPR Threshold = 0x08
[  241.000633] EPT pointer = 0x000000012c5d801e
09:59:50 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:50 executing program 2:

09:59:50 executing program 3:
socket$inet6(0xa, 0x0, 0x3)
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)
ioctl(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000180), 0x4)
ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0)

09:59:50 executing program 0:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:50 executing program 2:
bind$inet(0xffffffffffffffff, 0x0, 0x0)
shmat(0x0, &(0x7f0000952000/0x2000)=nil, 0x4000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)

09:59:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:50 executing program 2:
bind$inet(0xffffffffffffffff, 0x0, 0x0)
shmat(0x0, &(0x7f0000952000/0x2000)=nil, 0x4000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)

09:59:50 executing program 2:
socket$inet6(0xa, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001540)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000080)={0x1d, r1}, 0x10)
setsockopt(r0, 0x65, 0x10000000002, &(0x7f0000000000)="c8d63f23", 0x4)

09:59:50 executing program 0:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r0, r1, 0x0)

09:59:50 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
poll(&(0x7f0000000000)=[{r0}, {r1}], 0x2, 0x0)

09:59:50 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

[  241.527233] *** Guest State ***
[  241.530689] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  241.539781] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  241.548710] CR3 = 0x0000000000000000
[  241.552531] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  241.558533] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  241.564647] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
09:59:50 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

[  241.571401] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  241.579516] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  241.587594] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  241.595688] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  241.603779] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  241.612000] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  241.620012] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  241.628151] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  241.636384] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  241.644499] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  241.652574] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  241.659016] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  241.666601] Interruptibility = 00000000  ActivityState = 00000000
[  241.672913] *** Host State ***
[  241.676150] RIP = 0xffffffff812b177c  RSP = 0xffff88812f9ef380
[  241.682257] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  241.688705] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  241.696623] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  241.702599] CR0=0000000080050033 CR3=00000001311aa000 CR4=00000000001426f0
[  241.709648] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  241.716446] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  241.722572] *** Control State ***
09:59:50 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x80247009, &(0x7f0000000040))

[  241.726067] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  241.732876] EntryControls=0000d1ff ExitControls=002fefff
[  241.738357] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  241.745408] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  241.752158] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  241.758762]         reason=80000021 qualification=0000000000000000
[  241.765207] IDTVectoring: info=00000000 errcode=00000000
[  241.770696] TSC Offset = 0xffffff7a9de80f14
09:59:50 executing program 2:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000380)={'nat\x00'}, &(0x7f0000000200)=0x78)

[  241.775144] TPR Threshold = 0x08
[  241.778539] EPT pointer = 0x000000017195801e
09:59:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:51 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='comm\x00')
write$P9_RLOCK(r0, 0x0, 0x24c)

09:59:51 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}}, 0x90)

09:59:51 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:51 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='comm\x00')
exit(0x0)
write$P9_RLOCK(r0, 0x0, 0x0)

09:59:51 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:51 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:51 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:51 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:51 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:51 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:59:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:59:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:59:52 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-aesni\x00'}, 0x76)
r1 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0a5c2d023c126285718070")
accept(r0, &(0x7f0000000100)=@ax25, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

09:59:52 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:52 executing program 3:
r0 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
socket$inet6(0xa, 0x0, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x125e, r2)

09:59:52 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:52 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:52 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:52 executing program 2:
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0})

09:59:52 executing program 3:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r2, 0xc0bc5310, &(0x7f00000000c0))

09:59:52 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

09:59:52 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  243.676139] binder: 8864 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero.
[  243.676163] binder: 8864:8865 ioctl c018620c 20000040 returned -22
[  243.774201] binder: 8864 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero.
[  243.774225] binder: 8864:8865 ioctl c018620c 20000040 returned -22
09:59:52 executing program 3:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, 0x0, &(0x7f0000000200))

09:59:52 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

09:59:53 executing program 2:
socket$inet6(0xa, 0x0, 0x3)
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
setsockopt$inet6_buf(r0, 0x29, 0x0, &(0x7f0000000240)="4e1203a8afb31798f00a1ca119d5fd1e25a66f63a7afcf0e368b4b57bf3104ee36f2e7a8d229", 0x26)
r2 = dup2(r1, r0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x0, 0x7ff, 0x0, 0x8}, 'syz0\x00', 0x27})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)
memfd_create(&(0x7f0000000180)='wlan1}-\x00', 0x6)
chmod(&(0x7f0000000200)='./file0\x00', 0x100)

09:59:53 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)

09:59:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:53 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

09:59:53 executing program 3:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400000007a181, 0x0)
pipe(0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

09:59:53 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:53 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)

09:59:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:53 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r1, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0xffff)
fcntl$addseals(r1, 0x409, 0x8)
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)

09:59:53 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='oom_adj\x00')
pread64(r0, 0x0, 0x0, 0x0)

[  244.505488] *** Guest State ***
[  244.508834] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  244.517841] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  244.526856] CR3 = 0x0000000000000000
[  244.530604] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  244.536687] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  244.542744] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
09:59:53 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(0x0, 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  244.549453] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  244.557569] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  244.565674] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  244.573772] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  244.581867] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  244.589889] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  244.598002] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  244.606114] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  244.614219] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  244.622553] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  244.630570] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  244.637213] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  244.644749] Interruptibility = 00000000  ActivityState = 00000000
[  244.651002] *** Host State ***
09:59:53 executing program 3:
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, 0x0})

[  244.654335] RIP = 0xffffffff812b177c  RSP = 0xffff88812e3af380
[  244.660352] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  244.666882] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  244.674772] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  244.680698] CR0=0000000080050033 CR3=000000016f7e0000 CR4=00000000001426f0
[  244.687850] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  244.694698] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  244.700874] *** Control State ***
[  244.704460] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  244.711167] EntryControls=0000d1ff ExitControls=002fefff
[  244.716863] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  244.723905] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  244.730602] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  244.737306]         reason=80000021 qualification=0000000000000000
[  244.739620] binder: 8927:8929 transaction failed 29189/-22, size 0-0 line 2834
[  244.743700] IDTVectoring: info=00000000 errcode=00000000
[  244.743715] TSC Offset = 0xffffff79055dc355
[  244.743728] TPR Threshold = 0x00
[  244.743745] EPT pointer = 0x000000016fc7401e
09:59:53 executing program 2:

09:59:53 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(0x0, 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  244.853875] binder: 8927:8931 transaction failed 29189/-22, size 0-0 line 2834
[  244.869160] binder: undelivered TRANSACTION_ERROR: 29189
[  244.874796] binder: undelivered TRANSACTION_ERROR: 29189
09:59:54 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:54 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
socket$inet6(0xa, 0x803, 0x20)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:54 executing program 3:

09:59:54 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(0x0, 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:54 executing program 2:

09:59:54 executing program 3:

[  245.176592] *** Guest State ***
[  245.180052] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  245.189024] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  245.197965] CR3 = 0x0000000000000000
[  245.201762] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  245.208026] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  245.214102] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  245.220801] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  245.228860] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  245.236947] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  245.245534] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  245.253629] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  245.261719] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  245.269733] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  245.277810] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  245.285868] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  245.293934] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  245.302250] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  245.308780] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  245.316340] Interruptibility = 00000000  ActivityState = 00000000
[  245.322652] *** Host State ***
[  245.325879] RIP = 0xffffffff812b177c  RSP = 0xffff88819c5df380
[  245.331976] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  245.338424] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  245.346354] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  245.352331] CR0=0000000080050033 CR3=00000001315f7000 CR4=00000000001426e0
[  245.361512] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  245.368332] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  245.374466] *** Control State ***
[  245.377948] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  245.384733] EntryControls=0000d1ff ExitControls=002fefff
[  245.390222] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  245.397278] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  245.404027] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  245.410664]         reason=80000021 qualification=0000000000000000
[  245.417106] IDTVectoring: info=00000000 errcode=00000000
[  245.422642] TSC Offset = 0xffffff78aab49cc2
09:59:54 executing program 2:

09:59:54 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:54 executing program 3:

[  245.426995] TPR Threshold = 0x00
[  245.430395] EPT pointer = 0x000000017010d01e
09:59:54 executing program 2:

09:59:54 executing program 3:

09:59:54 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:54 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x2f, 0x0, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:54 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:54 executing program 3:

09:59:54 executing program 2:

09:59:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
socket$inet6(0xa, 0x803, 0x20)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:54 executing program 3:

09:59:55 executing program 2:

09:59:55 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  246.100347] *** Guest State ***
[  246.103931] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  246.112908] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  246.121892] CR3 = 0x0000000000000000
[  246.125638] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  246.131698] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  246.137753] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
09:59:55 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  246.144539] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  246.152624] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.160651] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.168742] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.177737] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.185964] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
09:59:55 executing program 3:

09:59:55 executing program 2:

[  246.194021] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  246.202224] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  246.210230] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  246.218313] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  246.226383] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  246.232882] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  246.240589] Interruptibility = 00000000  ActivityState = 00000000
[  246.246926] *** Host State ***
[  246.250154] RIP = 0xffffffff812b177c  RSP = 0xffff888187a2f380
[  246.256239] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  246.262842] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  246.270667] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  246.276658] CR0=0000000080050033 CR3=000000016f2eb000 CR4=00000000001426f0
[  246.283767] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  246.290467] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  246.296621] *** Control State ***
[  246.300128] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  246.306893] EntryControls=0000d1ff ExitControls=002fefff
[  246.312462] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  246.319431] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  246.326358] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  246.333025]         reason=80000021 qualification=0000000000000000
[  246.339466] IDTVectoring: info=00000000 errcode=00000000
[  246.345038] TSC Offset = 0xffffff782b64b833
[  246.349386] TPR Threshold = 0x00
[  246.352868] EPT pointer = 0x00000001709b901e
09:59:55 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
sendfile(r0, r1, 0x0, 0x80000002)

09:59:55 executing program 3:

09:59:55 executing program 2:

09:59:55 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
socket$inet6(0xa, 0x803, 0x20)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:55 executing program 4:
socket(0x10, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendfile(0xffffffffffffffff, r0, 0x0, 0x80000002)

09:59:55 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  246.765603] *** Guest State ***
[  246.769004] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  246.778111] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  246.787170] CR3 = 0x0000000000000000
[  246.790915] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  246.797035] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  246.803163] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
09:59:55 executing program 3:

09:59:55 executing program 2:

[  246.809916] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  246.818995] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.827159] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.835231] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.843339] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.851350] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  246.859452] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  246.867539] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  246.875645] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  246.883759] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  246.891868] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  246.898314] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  246.905919] Interruptibility = 00000000  ActivityState = 00000000
[  246.912235] *** Host State ***
09:59:55 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x80000002)

[  246.915462] RIP = 0xffffffff812b177c  RSP = 0xffff8881724ff380
[  246.921472] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  246.927998] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  246.935993] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  246.942002] CR0=0000000080050033 CR3=000000012e396000 CR4=00000000001426f0
[  246.949176] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  246.955967] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  246.962113] *** Control State ***
09:59:56 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  246.965607] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  246.972395] EntryControls=0000d1ff ExitControls=002fefff
[  246.977971] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  246.985061] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  246.991822] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  246.998437]         reason=80000021 qualification=0000000000000000
[  247.004879] IDTVectoring: info=00000000 errcode=00000000
[  247.010356] TSC Offset = 0xffffff77cf808884
[  247.014791] TPR Threshold = 0x00
[  247.018207] EPT pointer = 0x000000012cf2d01e
09:59:56 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
epoll_create(0x0)
epoll_create(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000200)=<r1=>0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000100)=0x800000009)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
getegid()
r2 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f0000001240)={0x1, 0x70, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x2, 0x6512dd2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x8, 0xffffffffffffff00, 0x6, 0xc1, 0xffffffffffffffeb, 0x4, 0x0, 0x0, 0x4, @perf_config_ext={0x7}, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0xd8}, 0x0, 0x0, r2, 0x9)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x0, 0xe5)
pipe2(&(0x7f0000000140)={<r3=>0xffffffffffffffff}, 0x0)
ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e22}, 0x1c)
listen(r4, 0xc)
ioctl$ASHMEM_SET_NAME(r3, 0x41007701, &(0x7f00000000c0)='eth0mime_type\x00')
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(r4, &(0x7f0000000000)=@xdp, &(0x7f0000000180)=0x80, 0x0)
shutdown(r4, 0x1)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)

09:59:56 executing program 3:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)='./file0/file0\x00')
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000140)='./file0/file1\x00')
link(&(0x7f00000001c0)='./file0/file1\x00', &(0x7f0000000200)='./file0/file0\x00')

09:59:56 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x0)

09:59:56 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, 0x0, 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:56 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
listen(0xffffffffffffffff, 0xfffffffffffffffe)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000200))
dup2(r0, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:56 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x70, 0x71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r1, r0)

09:59:56 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:56 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x0)

09:59:56 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, 0x0, 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:56 executing program 2:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)='./file0/file0\x00')
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000140)='./file0/file1\x00')

09:59:57 executing program 3:
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffef3)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000802, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
read(r0, &(0x7f0000000200)=""/13, 0xfffffffffffffdb4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6_vti0\x00', 0x10)
lstat(&(0x7f0000000900)='./file0/file0\x00', &(0x7f0000000840))
write$FUSE_INTERRUPT(r0, &(0x7f0000000140)={0x10}, 0xfffffd2a)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)

09:59:57 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\xac\xc7\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x0)

09:59:57 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, 0x0, 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:57 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x4)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x4e20}, 0x1c)

09:59:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:57 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[], 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  248.272173] *** Guest State ***
[  248.275620] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  248.284777] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  248.293709] CR3 = 0x0000000000000000
[  248.297470] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  248.303673] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  248.309753] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  248.316523] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  248.324647] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.332735] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.340747] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.348834] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.356969] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.365064] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  248.373206] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  248.381388] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  248.389480] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  248.397591] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  248.404106] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  248.411594] Interruptibility = 00000000  ActivityState = 00000000
[  248.417955] *** Host State ***
[  248.421182] RIP = 0xffffffff812b177c  RSP = 0xffff88812c07f380
[  248.427331] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  248.433831] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  248.441756] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  248.447683] CR0=0000000080050033 CR3=000000016f0e2000 CR4=00000000001426e0
[  248.454842] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  248.461580] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  248.467764] *** Control State ***
[  248.471252] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  248.478056] EntryControls=0000d1ff ExitControls=002fefff
[  248.483625] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  248.490631] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  248.497434] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  248.504138]         reason=80000021 qualification=0000000000000000
[  248.510489] IDTVectoring: info=00000000 errcode=00000000
[  248.516079] TSC Offset = 0xffffff7701c2a48a
09:59:57 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
listen(0xffffffffffffffff, 0xfffffffffffffffe)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000200))
dup2(r0, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:57 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[], 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:57 executing program 2:
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @dev, [], {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @broadcast, @empty, @dev, @local}}}}, 0x0)

[  248.520535] TPR Threshold = 0x00
[  248.524011] EPT pointer = 0x00000001703f301e
09:59:57 executing program 4:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
getpid()
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
sendmmsg$unix(r0, 0x0, 0xfffffe4a, 0xfffffffffffffffe)
sendto$inet6(r2, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r2, 0x40106614, &(0x7f00000001c0))
splice(r2, 0x0, r1, 0x0, 0x1000000000000003, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f00000002c0))
ioctl(r3, 0x1000008912, &(0x7f0000000200)="a8981f0a3c010000808070")
socket$unix(0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0xfffffffffffffeed)
listen(r0, 0x401)
close(r1)
socket$inet6(0xa, 0x800, 0x81)
ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000000240))
connect$inet(r1, &(0x7f0000000300)={0x2, 0x4e20, @broadcast}, 0x10)
fchdir(r1)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
dup3(r2, r0, 0x80000)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000028}, 0xc, 0x0}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendto$packet(r2, &(0x7f0000000340), 0xffffffffffffffd4, 0x50, 0x0, 0xffffffffffffff9a)

09:59:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:57 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[], 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  248.826030] *** Guest State ***
[  248.829540] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  248.838598] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  248.847516] CR3 = 0x0000000000000000
[  248.851256] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  248.857303] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  248.863365] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  248.870217] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  248.878395] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.886469] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.894530] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.902590] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.910607] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  248.918638] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  248.926725] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  248.934788] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  248.942889] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  248.950924] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  248.957485] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  248.965120] Interruptibility = 00000000  ActivityState = 00000000
[  248.971471] *** Host State ***
[  248.974793] RIP = 0xffffffff812b177c  RSP = 0xffff88812eabf380
[  248.980816] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  248.987353] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  248.995252] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  249.001175] CR0=0000000080050033 CR3=000000012d704000 CR4=00000000001426f0
[  249.008320] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  249.015093] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  249.021174] *** Control State ***
09:59:58 executing program 3:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0)

09:59:58 executing program 2:
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
symlink(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)='./file0/file0\x00')
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000140)='./file0/file1\x00')

09:59:58 executing program 4:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x88)
sendto$inet6(r0, 0x0, 0x0, 0x8800, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

09:59:58 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:58 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
listen(0xffffffffffffffff, 0xfffffffffffffffe)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000200))
dup2(r0, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

[  249.024728] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  249.031539] EntryControls=0000d1ff ExitControls=002fefff
[  249.037113] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  249.044130] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  249.050826] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  249.057516]         reason=80000021 qualification=0000000000000000
[  249.063907] IDTVectoring: info=00000000 errcode=00000000
[  249.069379] TSC Offset = 0xffffff76b557db5c
[  249.074239] TPR Threshold = 0x00
[  249.077641] EPT pointer = 0x000000012d78301e
09:59:58 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:58 executing program 3:
timer_create(0x0, 0x0, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140), &(0x7f0000000240)=0x14)
ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
clone(0x2102001fb6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0x1})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0)
ioctl$void(0xffffffffffffffff, 0x0)

09:59:58 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ppoll(&(0x7f0000000200)=[{r1}], 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000010000/0x4000)=nil, 0x4000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="11634840"], 0x0, 0x0, 0x0})

09:59:58 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgget$private(0x0, 0x0)
msgget(0x2, 0x0)
msgctl$IPC_STAT(0x0, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)

09:59:58 executing program 3:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$smack_thread_current(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400000007a181, 0x0)
pipe(0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

09:59:58 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:58 executing program 5:
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:58 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0xfffffffffffffffe)
accept(r1, 0x0, &(0x7f0000000200))
dup2(r0, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:58 executing program 5:
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:58 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1000000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x10, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0)

09:59:58 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:58 executing program 5:
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:59:58 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:58 executing program 3:
r0 = socket$inet6(0xa, 0x80002, 0x100000000000088)
bind$inet6(r0, &(0x7f0000d85fe4)={0xa, 0x4e23}, 0x1c)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0x100000000a, &(0x7f0000000480)=0x8, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x8800, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
socket(0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000d40)="dd", 0x1, 0x0, 0x0, 0x0)

[  250.206497] binder: BINDER_SET_CONTEXT_MGR already set
[  250.212122] binder: 9140:9186 ioctl 40046207 0 returned -16
[  250.220500] binder_alloc: 9140: binder_alloc_buf, no vma
[  250.220621] binder: release 9140:9155 transaction 8 out, still active
[  250.226193] binder: 9140:9186 transaction failed 29189/-3, size 0-0 line 2973
[  250.232826] binder: undelivered TRANSACTION_COMPLETE
[  250.247148] binder: undelivered TRANSACTION_ERROR: 29189
09:59:59 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x6)
r1 = accept(r0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000), 0x0)

09:59:59 executing program 2:
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x26)
sendmmsg(r0, &(0x7f0000005fc0), 0x8000000000000fc, 0x0)

09:59:59 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:59 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:59 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x910, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000007780)=[{{0x0, 0xfffffffffffffd37, 0x0}}], 0xa5, 0x0)

[  250.301831] binder: send failed reply for transaction 8, target dead
09:59:59 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0xfffffffffffffffe)
accept(r1, 0x0, &(0x7f0000000200))
dup2(r0, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

09:59:59 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:59:59 executing program 3:
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000380)='./file0/file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file1/file0\x00', 0x0)
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000200)='./file0/file1\x00')

09:59:59 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, 0x0, 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

09:59:59 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f000000fd80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f000000bf40)=""/238, 0xee}}], 0x0, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x10, 0x701, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)

09:59:59 executing program 2:
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f00000001c0)='/dev/usbmon#\x00')
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
pipe(&(0x7f0000000480))
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000006c0)={0x6, &(0x7f0000000640)=[{}, {}, {}, {}, {}, {}]})
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40000000000003b, 0x0, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
connect$l2tp(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000005fc0), 0x8000000000000fc, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000380), 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000002c0), 0x0)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @broadcast}, 0x4, 0x4}}, 0x2e)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000002ff0), 0x10)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))

09:59:59 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, 0x0, 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:00 executing program 4:
syz_emit_ethernet(0x46, &(0x7f0000000700)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x10, 0x2f, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffff88]}, @local, {[], @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}}}}}}}, 0x0)

10:00:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:00 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/108)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)

10:00:00 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, 0x0, 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:00 executing program 2:
r0 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000000)={'syz'}, 0x0, 0x0, r0)

10:00:00 executing program 3:
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00\x00\x00\x00\x00\x00\x00\t0\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', 0x0, 0x7a00, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
name_to_handle_at(r0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x8}, 0x0, 0x1000)

10:00:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:00 executing program 4:
syz_emit_ethernet(0x46, &(0x7f0000000700)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x10, 0x2f, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffff88]}, @local, {[], @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}}}}}}}, 0x0)

10:00:00 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0x0)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:00 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0xfffffffffffffffe)
accept(r1, 0x0, &(0x7f0000000200))
dup2(r0, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:00 executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00\x00\x00\x00\x00\x00\x00\t0\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='fuse\x00', 0x7a00, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
name_to_handle_at(r0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x8}, 0x0, 0x1000)
write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f0000000440)={0x28, 0x2, 0x0, {0x4, 0x0, 0x7}}, 0x28)

10:00:00 executing program 4:
seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]})
syz_execute_func(&(0x7f0000000080)="660ff4cc2d2d05090065670f688b0c00004b0f28ffc6c60092009246899ef60f4c0f4c4c5acd00aa660fe2df8c3100bbe2e18e1d0000a600000000e600c4e17d5c58b1650f6314ccc4e1dd6dacbe75000000b85d5d00c4c275ac59a6c4c161d9f8c4c2692990f0ffff1fc30fc7b0ec000000")

[  251.665028] *** Guest State ***
[  251.668447] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  251.677476] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  251.686417] CR3 = 0x0000000000000000
[  251.690162] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  251.696322] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  251.702414] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  251.709123] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  251.717273] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  251.725354] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  251.733461] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  251.741471] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  251.749617] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  251.757898] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  251.766080] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  251.774396] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  251.782489] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  251.790507] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  251.797095] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  251.804639] Interruptibility = 00000000  ActivityState = 00000000
[  251.810898] *** Host State ***
10:00:00 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0x0)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:00 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1000000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x10, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0)
syz_open_dev$swradio(0x0, 0xffffffffffffffff, 0x2)

[  251.814200] RIP = 0xffffffff812b177c  RSP = 0xffff88817010f380
[  251.820220] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  251.826757] FSBase=00007fb6c7b1b700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  251.834649] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  251.840586] CR0=0000000080050033 CR3=0000000170ff7000 CR4=00000000001426f0
[  251.847737] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  251.854497] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  251.860576] *** Control State ***
10:00:00 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
clone(0x2102001ff4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(&(0x7f0000000040)=@nullb='%d::]:0/,[\n\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0)

10:00:00 executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
getresgid(&(0x7f00000003c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000500)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0xc00}}]}})
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x20, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000080))
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240))
capset(&(0x7f0000000380), 0x0)
clone(0x20002104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000180)="ab", 0x1, r0)
keyctl$chown(0x4, r0, 0x0, 0x0)
pivot_root(&(0x7f0000000280)='./file0\x00', 0x0)

[  251.864167] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  251.870863] EntryControls=0000d1ff ExitControls=002fefff
[  251.876438] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  251.883457] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  251.890150] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  251.896925]         reason=80000021 qualification=0000000000000000
[  251.903353] IDTVectoring: info=00000000 errcode=00000000
[  251.908839] TSC Offset = 0xffffff7531690618
[  251.913273] TPR Threshold = 0x00
[  251.916666] EPT pointer = 0x000000012b04301e
[  251.986130] ceph: device name is missing path (no : separator in %d::]:0/,[
[  251.986130] )
10:00:01 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  252.090258] ceph: device name is missing path (no : separator in %d::]:0/,[
[  252.090258] )
[  252.223469] *** Guest State ***
[  252.226830] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  252.235842] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  252.245098] CR3 = 0x0000000000000000
[  252.248975] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  252.255080] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  252.261120] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  252.268074] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  252.276177] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.284273] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.292352] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.300368] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.308503] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.316574] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  252.324671] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  252.332772] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  252.340787] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  252.348881] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  252.355732] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  252.363330] Interruptibility = 00000000  ActivityState = 00000000
[  252.369594] *** Host State ***
[  252.372900] RIP = 0xffffffff812b177c  RSP = 0xffff888170e3f380
[  252.378903] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  252.385418] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  252.393289] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  252.399193] CR0=0000000080050033 CR3=000000016f5cc000 CR4=00000000001426f0
[  252.406329] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  252.413060] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  252.419116] *** Control State ***
[  252.422656] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  252.429336] EntryControls=0000d1ff ExitControls=002fefff
[  252.434868] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  252.441877] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  252.448555] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  252.455210]         reason=80000021 qualification=0000000000000000
[  252.461551] IDTVectoring: info=00000000 errcode=00000000
[  252.467099] TSC Offset = 0xffffff74e3ffcc63
[  252.471440] TPR Threshold = 0x00
[  252.474868] EPT pointer = 0x000000016fc8001e
10:00:01 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0xfffffffffffffffe)
accept(r0, 0x0, &(0x7f0000000200))
dup2(0xffffffffffffffff, r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:01 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0x0)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:01 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
rmdir(&(0x7f0000000680)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

10:00:01 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setrlimit(0x7, &(0x7f0000000000))

10:00:01 executing program 2:
request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000040)={'syz'}, 0x0, 0xfffffffffffffffe)

10:00:01 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:01 executing program 2:
add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)

[  252.683170] *** Guest State ***
[  252.686599] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  252.695698] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  252.704608] CR3 = 0x0000000000000000
[  252.708434] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  252.714530] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  252.720544] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:01 executing program 4:
shmat(0x0, &(0x7f0000952000/0x2000)=nil, 0x4000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)

10:00:01 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  252.727368] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  252.735448] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.743518] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.751534] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.759634] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.767725] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  252.775804] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  252.783912] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  252.792117] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  252.800145] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  252.808343] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  252.814845] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  252.822422] Interruptibility = 00000000  ActivityState = 00000000
[  252.828758] *** Host State ***
10:00:01 executing program 3:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ashmem\x00', 0x400001, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000fc0)='/dev/ptmx\x00', 0xfffffffffffffffb, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000880)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x100000000, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xf39, 0x80, 0x0, 0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x100000000, 0x0, 0xd87e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x100, 0x0, 0xfff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10e3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10000, 0x0, 0x0, 0x0, 0x5, 0x6, 0x0, 0x0, 0xffffffff, 0x0, 0x3, 0x1, 0x40, 0x7fff, 0x0, 0x3, 0xd7b, 0x7fff, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff]}, 0x45c)
write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000f00)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00')
ioctl$sock_inet_SIOCGIFPFLAGS(r4, 0x8935, &(0x7f00000002c0)={'teql0\x00', 0x9})
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140))
mount(&(0x7f0000000d40)=ANY=[@ANYBLOB="eb211b0ef5df1b0a7eadeab0c375a3a40e25becc9ec416499d8b4e102990454cc6b61826eeb2a4055c208a803e9c8e8bf7ff0091212e4d9e4c25acf6de1e78825db21649beee91a9d1da4e1aa55dbe47c9412195d377a170c16d7d850000cf75f43ce3f1d70b9d7baa8f2467e8609efe14e3ff387733d1193d4cb8fa7d482f01e622d3623ab5cfe1f830ad600a7510b690426141f8d92d0d51745903c515374b1f26454558028ff8c07028d9bb64a78447e7b4cab96e224666e5c8a634a91f2ef0ca27d5f7004971bcc7bb816deb5f4715b884559273470e037a30f80f4e18cc10507afa3c2ee8172c72c2d60479de6d36"], 0x0, &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000))
mount(&(0x7f0000000e80)=ANY=[@ANYBLOB="3897c61e23d3971024b0e8eb675766d6275488bb0fb34f52ffa1089abf3a2dda6cac0800005d2fef6de3890668ac6d16dcf001c0c3704e9f3f984b6b7b1039cfd93e445671550a8131d1374211"], 0x0, &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000))
mount(&(0x7f0000001100)=ANY=[@ANYBLOB="fa05b35d15c5fd59e93ff0386032418a3dc099b3ef285d31cc84ca47ea35873924b971629df84930255f4457be776de9e2e9cf24cb7a23748ea608533bcfc238061efe25d62cfa50"], 0x0, &(0x7f0000001040)='anon_inodefs\x00', 0x80010, 0x0)
mount(&(0x7f0000001580)=ANY=[@ANYBLOB="7f26c5d2ad7b1bd2bd00000000d84f00876ae6f704a917cc03ddfa328abf305d89eac47da21f692048eb26a96fe6dd651b3f7f357fa5abb196532e7179785fd90daf457128daead58e6361cf6b657f1f552770e3d6a50b8a8e2c772b6433374b105d48eb72bbea1b6f7006ad1c398fe700b5e605df3f3366620e210bc0f35cedd3018330b95c12ff1d0cdbdbffebb8069c0ddf6fe069c08745c3cd676f8b1c455dbf9812e47e7df667e7521cdeaf97e3"], 0x0, &(0x7f00000012c0)='ramfs\x00', 0x80000, &(0x7f000002f000))
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount(&(0x7f0000001300)=ANY=[@ANYBLOB="447e8d0e010000008b2fc8ba1cda67672556dd28610db6db5bb1aa0b10674609eae299999ae213149ed93f8c5784c744c86cc2fe1d7ea960933871fd7072d81fd9575ce0b5822a8d23985f17c5d13bf003571edf9a6a29e11e30a522bf4f0fa3fd89f8c290bddddd62e37585a284283bf300594ef8d5fc3323836c5fd3273490cf84aafb73ca5ec733f17fe4f75adfa4592bd1aaec6bcde200db6807f655ba792b1d0fea9e36b61ef3fd3bdcff3c9d93b05b72a008008980d3b4fa02000000000000000f81c12731d548717178715841154f2ec6c41df75b29105f7efeb471b7f9c3d91142f9aa51122849f4e5f990f4923f8170a4dd7d90ef7c59f3b0e48a6553d376964e246e2383bb5cf694d03e14ffd578d6d1f0b88bae1ccf6e8be9ba559ba9033e47e766195e7cc62e602b09bf648f5f99d005b0d57ca505a7503e9526b904dbc68fd92425f931c2fa7a567d213119f30948f6a6301419ee185826fe3a532f0f592196db8cf261c0c10ed914239ea730541b1e1fb1dce997357f33a22f4a697c476eb7640245c1eb454a0cb8c043e30927fc456667bb0609a6075dff56"], 0x0, &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000))
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0)
ioctl$int_out(r3, 0x2000005460, &(0x7f0000001080))
utimes(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={{0x77359400}, {0x77359400}})
close(r2)
r5 = socket$inet6(0xa, 0x80a, 0x8000000000000)
ioctl(r5, 0x8912, &(0x7f0000001640)="0a5cc80700315f85714070728e8319886de40109eaaaa269b70bab11f580fe34eabcf86a4d53e20b7418c7f6036ec811f98e99d89950ea3c12cf3f8fc3249aa97df4befa99c4de51e5f733b2df02d179c4fe00000000000003c9cdc8bf3bbc2b7b6a149dc0db75eabafe8bb92e48b6166f6b10df092c5d72c887c45dd1d4dc390fad03a2e55180d84cc34088dff08df2cffffbb43cde0ba1514c53bba575ddbf7a4f9199fbb0ddd734a795b7e10854250a4fbe68f54a7e20bba029582425af10f3dfc0a6bdf9e3151d3ca88d273bca9eef04088aef46d16dd69795af42cf87cf7a82335a682ce715ba874088342692234014a654e4a33882479899a415957d084ed6a4ec071f714eb55dc219299f8da4")
write$P9_RWRITE(r4, &(0x7f00000001c0)={0xb, 0x77, 0x2, 0x1}, 0xb)
socket$inet6_udplite(0xa, 0x2, 0x88)

[  252.832060] RIP = 0xffffffff812b177c  RSP = 0xffff88816e70f380
[  252.838097] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  252.844718] FSBase=00007fb6c7b1b700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  252.852786] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  252.858909] CR0=0000000080050033 CR3=000000016ffb3000 CR4=00000000001426f0
[  252.866037] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  252.872830] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  252.878911] *** Control State ***
[  252.882475] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  252.889170] EntryControls=0000d1ff ExitControls=002fefff
[  252.894784] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  252.901913] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  252.908636] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  252.915330]         reason=80000021 qualification=0000000000000000
[  252.921763] IDTVectoring: info=00000000 errcode=00000000
[  252.927249] TSC Offset = 0xffffff74a3bbe0a2
[  252.931778] TPR Threshold = 0x00
[  252.935172] EPT pointer = 0x000000016eb7901e
10:00:02 executing program 4:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x80000000007, 0x1000000000000001)
ioctl$FS_IOC_FSGETXATTR(r0, 0x80045505, &(0x7f0000000040)={0x2})

10:00:02 executing program 2:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
readv(r0, 0x0, 0x0)

[  253.037408] input: syz1 as /devices/virtual/input/input5
[  253.078047] usb usb5: usbfs: interface 0 claimed by hub while 'syz-executor4' sets config #2
10:00:02 executing program 4:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x2, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20)

10:00:02 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0xfffffffffffffffe)
accept(r0, 0x0, &(0x7f0000000200))
dup2(0xffffffffffffffff, r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:02 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:02 executing program 2:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', @ifru_data=&(0x7f0000000040)="75c263b6536442e26fa28ebb9b09acbb07b67d99463931d6ae20d72009ad5689"})

10:00:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:02 executing program 3:
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ashmem\x00', 0x400001, 0x0)
ioctl$ASHMEM_PURGE_ALL_CACHES(0xffffffffffffffff, 0x770a, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000880)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xd87e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10e3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10000, 0x0, 0x0, 0x0, 0x5, 0x6, 0x0, 0x0, 0xffffffff, 0x0, 0x3, 0x1, 0x40, 0x7fff, 0x0, 0x3, 0xd7b, 0x7fff, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff]}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00')
ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f00000002c0)={'teql0\x00', 0x9})
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140))
mount(&(0x7f0000000d40)=ANY=[@ANYBLOB="eb211b0ef5df1b0a7eadeab0c375a3a40e25becc9ec416499d8b4e102990454cc6b61826eeb2a4055c208a803e9c8e8bf7ff0091212e4d9e4c25acf6de1e78825db21649beee91a9d1da4e1aa55dbe47c9412195d377a170c16d7d850000cf75f43ce3f1d70b9d7baa8f2467e8609efe14e3ff387733d1193d4cb8fa7d482f01e622d3623ab5cfe1f830ad600a7510b690426141f8d92d0d51745903c515374b1f26454558028ff8c07028d9bb64a78447e7b4cab96e224666e5c8a634a91f2ef0ca27d5f7004971bcc7bb816deb5f4715b884559273470e037a30f80f4e18cc10507afa3c2ee8172c72c2d60479de6d36"], 0x0, &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000))
mount(&(0x7f0000001100)=ANY=[@ANYBLOB="fa05b35d15c5fd59e93ff0386032418a3dc099b3ef285d31cc84ca47ea35873924b971629df84930255f4457be776de9e2e9cf24cb7a23748ea608533bcfc238061efe25d62cfa50"], 0x0, &(0x7f0000001040)='anon_inodefs\x00', 0x80010, 0x0)
mount(&(0x7f0000001580)=ANY=[@ANYBLOB="7f26c5d2ad7b1bd2bd00000000d84f00876ae6f704a917cc03ddfa328abf305d89eac47da21f692048eb26a96fe6dd651b3f7f357fa5abb196532e7179785fd90daf457128daead58e6361cf6b657f1f552770e3d6a50b8a8e2c772b6433374b105d48eb72bbea1b6f7006ad1c398fe700b5e605df3f3366620e210bc0f35cedd3018330b95c12ff1d0cdbdbffebb8069c0ddf6fe069c08745c3cd676f8b1c455dbf9812e47e7df667e7521cdeaf97e3"], 0x0, &(0x7f00000012c0)='ramfs\x00', 0x80000, &(0x7f000002f000))
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
close(0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000001640)="0a5cc80700315f85714070728e8319886de40109eaaaa269b70bab11f580fe34eabcf86a4d53e20b7418c7f6036ec811f98e99d89950ea3c12cf3f8fc3249aa97df4befa99c4de51e5f733b2df02d179c4fe00000000000003c9cdc8bf3bbc2b7b6a149dc0db75eabafe8bb92e48b6166f6b10df092c5d72c887c45dd1d4dc390fad03a2e55180d84cc34088dff08df2cffffbb43cde0ba1514c53bba575ddbf7a4f9199fbb0ddd734a795b7e10854250a4fbe68f54a7e20bba029582425af10f3dfc0a6bdf9e3151d3ca88d273bca9eef04088aef46d16dd69795af42cf87cf7a82335a682ce715ba874088342692234014a654e4a33882479899a415957d084ed6a4ec071f714eb55dc219299f8da4")
write$P9_RWRITE(r1, &(0x7f00000001c0)={0xb, 0x77, 0x2, 0x1}, 0xb)

10:00:02 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  253.649491] *** Guest State ***
[  253.653008] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  253.661980] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  253.670941] CR3 = 0x0000000000000000
[  253.674779] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  253.680815] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  253.686893] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  253.693675] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  253.701761] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  253.709788] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  253.717876] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  253.726180] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  253.734307] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
10:00:02 executing program 4:
sched_setaffinity(0x0, 0x8, &(0x7f0000000140))
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000440)={0x0, 0x0, 0x1}, 0x14)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x201, 0x4)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='veno\x00', 0x5)
sendto$inet6(r1, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000340), 0x0}}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000040000))
tkill(r2, 0x401104000000016)

10:00:02 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000001"])

[  253.742378] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  253.750392] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  253.758504] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  253.766578] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  253.774661] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  253.781110] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  253.788671] Interruptibility = 00000000  ActivityState = 00000000
[  253.795200] *** Host State ***
[  253.798888] RIP = 0xffffffff812b177c  RSP = 0xffff88816c55f380
[  253.805167] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  253.811694] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  253.819519] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  253.819547] CR0=0000000080050033 CR3=000000016e9ed000 CR4=00000000001426e0
[  253.819576] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  253.819598] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  253.819612] *** Control State ***
[  253.819631] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  253.819646] EntryControls=0000d1ff ExitControls=002fefff
[  253.819669] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  253.819687] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  253.819714] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  253.881996]         reason=80000021 qualification=0000000000000000
[  253.888354] IDTVectoring: info=00000000 errcode=00000000
[  253.893888] TSC Offset = 0xffffff7423382abe
[  253.898247] TPR Threshold = 0x00
[  253.901705] EPT pointer = 0x00000001af7ed01e
10:00:03 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:03 executing program 4:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x80000000007, 0x1000000000000001)
ioctl$FS_IOC_FSGETXATTR(r0, 0x80045518, &(0x7f0000000040)={0x2})

10:00:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000002"])

10:00:03 executing program 3:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}]}})
r0 = syz_open_dev$media(0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x3)
ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, 0x0)
ioctl(r1, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070")
clone(0x20002104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000180)="ab", 0x1, r2)
keyctl$chown(0x4, r2, 0x0, 0x0)

[  254.270245] encrypted_key: insufficient parameters specified
10:00:03 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0xfffffffffffffffe)
accept(r0, 0x0, &(0x7f0000000200))
dup2(0xffffffffffffffff, r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:03 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:03 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x29b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/packet\x00')
preadv(r0, &(0x7f0000000480), 0x1000000000000237, 0x0)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
memfd_create(0x0, 0x0)

10:00:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:03 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x1ff, 0x1)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000740)="a44a536b6af5aee596dfc4cfeafedcf21f55ea3f6a7ca2e3a9fac2cb499e33bae75a49395d01b3710c4cebc7d1a5bfab17063bc3456e7352c824b74c40c5b3fabe92b0769c4389181f90e79c108b8d7f9aaa270eb89565fe81cc1565cbc1c7b4dc203129ff5f6c05869e99e3d445c68315362c71c73744b1f2ca450d8b3aebdd8adcefacfda76cd09152a6a23d3708604f60ee1db1f0bf29ecc6b53f3796d6d153cde522da65", 0xa6}], 0x1, 0x0)

10:00:03 executing program 2:
shmat(0x0, &(0x7f0000952000/0x2000)=nil, 0x4000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)

10:00:03 executing program 2:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

10:00:03 executing program 4:
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ashmem\x00', 0x400001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, 0x0)
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, 0x0)
mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x80010, 0x0)
mount(0x0, 0x0, &(0x7f00000012c0)='ramfs\x00', 0x80000, &(0x7f000002f000))
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
close(0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0)

[  254.635528] *** Guest State ***
[  254.638994] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  254.648026] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  254.656982] CR3 = 0x0000000000000000
[  254.660728] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  254.666791] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  254.672851] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  254.679641] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  254.687739] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  254.695799] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  254.703889] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  254.711959] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  254.719978] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  254.728077] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  254.736153] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  254.744242] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  254.752316] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  254.760321] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  254.766858] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  254.774410] Interruptibility = 00000000  ActivityState = 00000000
[  254.780661] *** Host State ***
10:00:03 executing program 3:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001240)='/dev/rtc0\x00', 0x0, 0x0)
fsetxattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0)
syz_open_dev$sndseq(0x0, 0x0, 0x600000)

10:00:03 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  254.783974] RIP = 0xffffffff812b177c  RSP = 0xffff88817080f380
[  254.789996] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  254.796519] FSBase=00007fb6c7b1b700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  254.804402] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  254.810324] CR0=0000000080050033 CR3=000000019c300000 CR4=00000000001426e0
[  254.817469] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  254.824244] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  254.830357] *** Control State ***
10:00:03 executing program 2:

[  254.833944] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  254.840658] EntryControls=0000d1ff ExitControls=002fefff
[  254.846199] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  254.853257] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  254.859953] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  254.866663]         reason=80000021 qualification=0000000000000000
[  254.873073] IDTVectoring: info=00000000 errcode=00000000
[  254.878550] TSC Offset = 0xffffff73990ded25
[  254.882997] TPR Threshold = 0x00
[  254.886414] EPT pointer = 0x00000001a2e1c01e
10:00:04 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000000))
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)

10:00:04 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mount(0x0, &(0x7f0000000080)='./file0/\x00', &(0x7f0000000240)='proc\x00\x9bj,\x82?\x92\xab\x1d[/P\x15\\!\xb4\xdd\xad\xd9\x06\x00y!k\xec\xc1oG\xaf\xb3\xae\xc6\xb4\xd7W\xea\xc0\xa64J\xfd\x1c\xe9\xd5a\a\\1\xc4\x14*\xa5\xbfa\xc3\xaeE\x86@\xc0\xeca\xba\xa4\xc0\rhL\xd9^\v\xe6\x81S\xc4\xad\xca^E\x19\f:&\xa5\fA\xd7\x93\xa4\xa9\x83\xe9', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:04 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
r1 = getgid()
setregid(r1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, 0x0)
lstat(0x0, &(0x7f0000000100))
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x1, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
preadv(r3, &(0x7f0000000480), 0x1000000000000181, 0x0)

10:00:04 executing program 3:
write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a)

10:00:04 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:04 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f00000002c0)=[{{}, 0x11}, {{0x77359400}, 0x16, 0x6f, 0x39}, {{0x0, 0x7530}}], 0x48)

10:00:04 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  255.632904] *** Guest State ***
[  255.636332] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  255.645378] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  255.654293] CR3 = 0x0000000000000000
[  255.658039] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  255.664152] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  255.670162] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  255.676979] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  255.685182] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  255.693254] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  255.701268] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  255.709363] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  255.717456] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  255.725592] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  255.733679] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  255.741766] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  255.749778] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  255.757910] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  255.764421] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  255.771974] Interruptibility = 00000000  ActivityState = 00000000
[  255.778223] *** Host State ***
10:00:04 executing program 4:
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
preadv(r0, &(0x7f0000000480), 0x1000000000000181, 0x0)

10:00:04 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/zero\x00', 0x0, 0x0)
r1 = dup2(r0, r0)
pread64(r1, 0x0, 0x0, 0x0)

10:00:04 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="b93c564b636700000000b4ce360000a2", 0x10)
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000006dc0)=[{0x1000000f0ffffff, 0xffffff7f00000000, &(0x7f0000000080)=[{&(0x7f0000000140), 0x8000a0}], 0x1}], 0x1, 0x0)

[  255.781442] RIP = 0xffffffff812b177c  RSP = 0xffff88816d16f380
[  255.787523] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  255.794062] FSBase=00007fb6c7b1b700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  255.802068] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  255.808013] CR0=0000000080050033 CR3=000000016ccbd000 CR4=00000000001426e0
[  255.815177] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  255.821937] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  255.828020] *** Control State ***
[  255.831509] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  255.838283] EntryControls=0000d1ff ExitControls=002fefff
[  255.843825] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  255.850783] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  255.857571] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  255.864244]         reason=80000021 qualification=0000000000000000
[  255.870587] IDTVectoring: info=00000000 errcode=00000000
[  255.876160] TSC Offset = 0xffffff730fd9318e
[  255.880506] TPR Threshold = 0x00
[  255.883995] EPT pointer = 0x000000016fe2c01e
10:00:04 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getpeername(0xffffffffffffffff, 0x0, 0x0)
r2 = gettid()
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r0)
prctl$PR_GET_TIMERSLACK(0x1e)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000004440)={{{@in6, @in6=@remote}}, {{}, 0x0, @in=@empty}}, &(0x7f0000004540)=0xe8)
sendmmsg(r1, &(0x7f0000005e40)=[{{0x0, 0x0, &(0x7f0000002680), 0x0, &(0x7f00000026c0)=[{0x88, 0x10a, 0x20000, "03020c164357aece147ae67c1b872095c956a21e0346bfe868cffe4cc5881ccab0d95b67b083f325d4de99ccafe6b0e21fbdbb218636607eccb619afbb62e0a711226b223daefced1f9adbe2ba9e9db8b3ed51b13099d663cd31c3d77646de3b73bfaf47a116cbac5965739c4e66cf73ca"}], 0x88}}, {{0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000002900)="9868b59c28b0522118b97a7993e3d697cd6a32cd7485abadd4c7283f3aee7f4521f2f7f33358421ede76f3ebaf45ff27025840cb43f9e9e2486235a4975a427919c4f74cd79709189fb7c5d70a16454b030305113464a7b808bd2f1beabd0595c707933659358d57868b98160a6b7a65916fe7a6ee97", 0x76}], 0x1}, 0x7}, {{&(0x7f0000003f40)=@llc={0x1a, 0xf, 0x35, 0x5, 0x2, 0x0, @local}, 0x80, &(0x7f00000040c0)=[{&(0x7f0000003fc0)="e89ac63611bf3b1f6b5eb0ac2b5bdca7b6217f6ed01da6805e843d83848ccd0f39c1dcdb7346301fd102f31e6720a180bf729b832f3455828bdf4aa5a516fc327fd3665b9d58301462adf8eca0dd60e39a516b3f98c2203c6102dc76cfeb08164cb2ca13002e7f21864b8d19a6f31c61b919189513c82d8ed3832795ece289796d9133c87382f252f94fd012a6d435b41360f9cabdcb21c7cfbc3e47a86350cbc0dda5ee14b2cedbf77bb30994a5ce2d0a3a681d1f82c2f3f03ed49e9a169ee3138095884496c645", 0xc8}], 0x1}, 0x4}, {{&(0x7f0000005680)=@vsock={0x28, 0x0, 0x2711, @host}, 0x80, 0x0}}], 0x4, 0x801)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, 0x0, 0x0)
tkill(r2, 0x1000000000016)

10:00:04 executing program 2:
syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x50, 0x0, &(0x7f0000000240)=[@exit_looper, @transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}}], 0x0, 0x0, 0x0})

10:00:05 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  256.033672] binder: 9491:9494 transaction failed 29189/-22, size 0-0 line 2834
[  256.139710] binder: undelivered TRANSACTION_ERROR: 29189
10:00:05 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="020a000002000000000000000000d84a3f6ba0fc2ed347a70000"], 0x1a}}, 0x0)

10:00:05 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000000033}, 0x2c)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:05 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:05 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x3, &(0x7f0000000000)=0xfffffffffffffffd, 0x5, 0x0)
mlock(&(0x7f00007dc000/0x8000)=nil, 0x8000)

10:00:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
socket$inet6(0xa, 0x803, 0x20)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:05 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
write$evdev(r0, &(0x7f00000002c0)=[{{}, 0x11, 0x3}], 0x18)

[  256.860078] *** Guest State ***
[  256.863596] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  256.872629] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  256.881496] CR3 = 0x0000000000000000
[  256.885311] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  256.891321] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  256.897436] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  256.904225] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  256.912310] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  256.920321] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  256.928504] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  256.936592] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  256.944680] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  256.952797] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  256.960812] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  256.968897] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  256.976972] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  256.985062] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  256.991500] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  256.999072] Interruptibility = 00000000  ActivityState = 00000000
[  257.005418] *** Host State ***
[  257.008645] RIP = 0xffffffff812b177c  RSP = 0xffff88816e4df380
[  257.014739] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  257.021263] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  257.029166] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  257.035158] CR0=0000000080050033 CR3=000000016c61f000 CR4=00000000001426f0
[  257.042308] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  257.048993] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  257.055176] *** Control State ***
[  257.058663] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  257.065408] EntryControls=0000d1ff ExitControls=002fefff
[  257.070876] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  257.077926] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  257.084678] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  257.091285]         reason=80000021 qualification=0000000000000000
[  257.097732] IDTVectoring: info=00000000 errcode=00000000
[  257.103269] TSC Offset = 0xffffff726760b8ae
[  257.107625] TPR Threshold = 0x00
10:00:06 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, 0x0, &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  257.111018] EPT pointer = 0x000000013275f01e
10:00:06 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000013000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000002fe8)=[{0x35, 0x0, 0x0, 0xf62c}, {0x6}]}, 0x10)
sendmmsg(r1, &(0x7f00000014c0), 0x20, 0x0)

10:00:06 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f00006cdffb)="8907040000", 0x5)
sendmmsg(r1, &(0x7f0000005c00)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e20, @multicast1}, 0x80, 0x0}}], 0x1, 0x0)

10:00:06 executing program 4:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000140)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f)

10:00:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
socket$inet6(0xa, 0x803, 0x20)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  257.357161] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
10:00:06 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, 0x0, &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

10:00:06 executing program 3:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000040)={@multicast2, @empty}, 0xc)

[  257.397893] __nla_parse: 8 callbacks suppressed
[  257.397911] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
10:00:06 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0/\x00', 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:06 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
socket(0xa, 0x1, 0x0)
recvfrom(r0, &(0x7f0000000180)=""/29, 0x1d, 0x10020, &(0x7f00000001c0)=@un=@file={0x1, './file0\x00'}, 0x80)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240))

10:00:06 executing program 4:
syz_emit_ethernet(0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaa2a8a000000019078ac1414bb1278b081e77a94ac1414110802907800000000450000000000000000000000ac5c14aaac141400e3965aabe175744e935ad1e1444087f1bd741137541014d4e3c893655ce13c93b2f407d9c2948fb6af97a5e9eb550741755b4e1ccfbb490c5fc409cd784b60e87e6abbe176936e6bbde0825ea4d6079888605c4e2d95a314dd6eaaea22d42c66bdd16dd6b46ddbb647f6f5a1f5f7a2befb6dbe85df9709b387e58c02ee7290ff04e9391cc0a8b374cad3bfc9"], 0x0)
accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, &(0x7f0000000080)=0x1c)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000000301ffff808f00003d88c83f00b516ba"], 0x14}}, 0x0)

10:00:06 executing program 3:
r0 = socket$inet6(0xa, 0x400000000000803, 0x7)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070")
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @remote, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0)

10:00:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x0, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:06 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, 0x0, &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, r2, 0x0)

[  257.902507] *** Guest State ***
[  257.905882] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  257.914903] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  257.923898] CR3 = 0x0000000000000000
[  257.927646] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  257.933721] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  257.939774] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:07 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
clone(0x10004000, &(0x7f0000000200), 0x0, &(0x7f0000000300), &(0x7f00000003c0)="1552b875e15f50cdaacf6f27d0d067a276d1e0b552bb2a2c534d53840c8e6a14797ec079ab6e9efc9bbbc8fbaf66a13eca76")
add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0x0)
r1 = add_key$keyring(0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, r1)
dup(r0)
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
open(&(0x7f00000001c0)='./file0\x00', 0x2000, 0x105)
getresuid(&(0x7f0000000340), &(0x7f0000000380), 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0)

[  257.946546] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  257.954612] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  257.962700] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  257.970720] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  257.978784] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  257.986851] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  257.994926] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
10:00:07 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername(0xffffffffffffffff, 0x0, 0x0)
gettid()
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
timer_create(0x0, &(0x7f0000044000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000040), 0x4)

[  258.003029] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  258.011177] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  258.019263] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  258.027348] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  258.033883] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  258.041364] Interruptibility = 00000000  ActivityState = 00000000
[  258.047694] *** Host State ***
[  258.050930] RIP = 0xffffffff812b177c  RSP = 0xffff88819827f380
[  258.057032] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  258.063549] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  258.071744] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  258.077671] CR0=0000000080050033 CR3=000000016e71f000 CR4=00000000001426e0
[  258.084817] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  258.091518] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  258.097674] *** Control State ***
[  258.101161] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  258.107935] EntryControls=0000d1ff ExitControls=002fefff
[  258.113563] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  258.120529] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  258.127319] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  258.133986]         reason=80000021 qualification=0000000000000000
[  258.140337] IDTVectoring: info=00000000 errcode=00000000
[  258.145905] TSC Offset = 0xffffff71d9225d0f
[  258.150251] TPR Threshold = 0x00
[  258.153850] EPT pointer = 0x000000016d0f001e
10:00:07 executing program 3:
r0 = gettid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000))
open$dir(0x0, 0x0, 0x0)
r2 = dup(r1)
write$P9_RMKNOD(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$assume_authority(0x10, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
io_setup(0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x0)
personality(0x0)
getuid()
getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000240)={@in={{0x2, 0x0, @local}}, 0x0, 0x0, 0x0, "8f3417ec7113065802c197ddbc724dc31d616665cbdfde6e5ec7faf6462af6a861aad306149bb4bd00d394f58d5cbcf6d2c91ff438f7a4e3c51476db5a274a23a1ae7809b5b6656d0c3456d9ac406966"}, 0xd8)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
tkill(r0, 0x1000000000016)

10:00:07 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
r2 = dup3(r0, r1, 0x0)
request_key(0x0, 0x0, &(0x7f0000000180)='vboxnet0\x00', 0xfffffffffffffffa)
r3 = gettid()
sched_setaffinity(r3, 0x8, &(0x7f0000000000)=0xfffffffffffffffd)
add_key(&(0x7f00000001c0)='rxrpc\x00', 0x0, 0x0, 0x0, 0x0)
add_key$keyring(0x0, &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000080)=@nat={'nat\x00', 0x19, 0x2, 0x0, [0x20000280, 0x0, 0x0, 0x200002b0, 0x20000478], 0x0, 0x0}, 0x78)

10:00:07 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)

10:00:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x0, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  258.459126] *** Guest State ***
[  258.462802] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  258.471815] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  258.480669] CR3 = 0x0000000000000000
[  258.484586] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  258.490586] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  258.496671] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  258.503486] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  258.511494] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.519608] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.527786] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.535908] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.544011] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.552098] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  258.560122] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  258.568235] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  258.576319] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  258.584515] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  258.590968] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  258.598538] Interruptibility = 00000000  ActivityState = 00000000
[  258.604898] *** Host State ***
[  258.608135] RIP = 0xffffffff812b177c  RSP = 0xffff88816da0f380
[  258.614265] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  258.620736] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  258.628689] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  258.634681] CR0=0000000080050033 CR3=000000016df34000 CR4=00000000001426f0
[  258.641840] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  258.648538] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  258.654707] *** Control State ***
[  258.658193] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  258.664982] EntryControls=0000d1ff ExitControls=002fefff
[  258.670471] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  258.677505] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  258.684261] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  258.690868]         reason=80000021 qualification=0000000000000000
[  258.697313] IDTVectoring: info=00000000 errcode=00000000
[  258.702855] TSC Offset = 0xffffff718c1dd3c2
[  258.707202] TPR Threshold = 0x00
[  258.710594] EPT pointer = 0x00000001ae02f01e
10:00:07 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:07 executing program 4:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

10:00:07 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000040))
poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x0)

10:00:07 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)

10:00:07 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000380)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x12c]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='\f', 0x1}], 0x1}, 0x20008844)

10:00:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x0, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:07 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000080)=""/8, &(0x7f0000000180)=0x8)

[  258.915612] *** Guest State ***
[  258.919023] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  258.928251] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  258.937193] CR3 = 0x0000000000000000
[  258.940931] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  258.947018] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  258.953116] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  258.959980] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  258.968112] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.976199] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.984266] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  258.992349] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  259.000371] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
10:00:08 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
recvmmsg(r0, &(0x7f0000002d80)=[{{&(0x7f0000000000)=@alg, 0x80, &(0x7f0000000100)=[{&(0x7f0000001480)=""/4096, 0x1300}, {&(0x7f0000000240)=""/147, 0x1f}], 0x2, &(0x7f0000002740)=""/218, 0xda}}], 0x400000000000075, 0x1a000, &(0x7f0000002e40)={0x77359400})
sendmsg$nl_generic(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000004200050100000020000000000000000002"], 0x1}}, 0x0)

[  259.008481] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  259.016658] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  259.024766] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  259.032846] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  259.040849] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  259.047397] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  259.055027] Interruptibility = 00000000  ActivityState = 00000000
[  259.061291] *** Host State ***
10:00:08 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000980)=@updpolicy={0xb8, 0x19, 0x421, 0x0, 0x0, {{@in6=@mcast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)

[  259.064617] RIP = 0xffffffff812b177c  RSP = 0xffff88816dc7f380
[  259.071140] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  259.077691] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  259.085596] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  259.091525] CR0=0000000080050033 CR3=000000016dee3000 CR4=00000000001426f0
[  259.098694] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  259.105493] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  259.111574] *** Control State ***
10:00:08 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000380)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x12c]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='\f', 0x1}], 0x1}, 0x20008844)

[  259.115166] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  259.121954] EntryControls=0000d1ff ExitControls=002fefff
[  259.127446] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  259.134519] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  259.141337] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  259.148310]         reason=80000021 qualification=0000000000000000
[  259.154725] IDTVectoring: info=00000000 errcode=00000000
[  259.160207] TSC Offset = 0xffffff715095dd6e
[  259.164657] TPR Threshold = 0x00
[  259.168063] EPT pointer = 0x000000016dcfc01e
10:00:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8})

10:00:08 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)

10:00:08 executing program 1:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:08 executing program 2:
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0)
ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000080))

10:00:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:08 executing program 3:
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000002240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$link(0x8, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='comm\x00')
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
ptrace$peekuser(0x3, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0xef, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000640))
syz_open_dev$usbmon(0x0, 0x0, 0x0)

10:00:08 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)

[  259.849674] *** Guest State ***
[  259.853301] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  259.862354] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  259.871213] CR3 = 0x0000000000000000
[  259.875001] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  259.880997] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  259.887046] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:08 executing program 2:
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000140))

10:00:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8})

[  259.893854] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  259.901925] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  259.909936] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  259.918030] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  259.926210] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  259.934280] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  259.942365] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  259.950387] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  259.958497] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  259.966575] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  259.974677] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  259.981128] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  259.988690] Interruptibility = 00000000  ActivityState = 00000000
[  259.994993] *** Host State ***
[  259.998243] RIP = 0xffffffff812b177c  RSP = 0xffff88817a24f380
[  260.004351] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  260.010799] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  260.018707] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  260.024687] CR0=0000000080050033 CR3=000000016d343000 CR4=00000000001426f0
[  260.031947] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  260.038647] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  260.044816] *** Control State ***
[  260.048384] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  260.055180] EntryControls=0000d1ff ExitControls=002fefff
[  260.060794] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  260.067862] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  260.075014] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  260.081714]         reason=80000021 qualification=0000000000000000
[  260.088070] IDTVectoring: info=00000000 errcode=00000000
[  260.093627] TSC Offset = 0xffffff70cd8189bf
[  260.097966] TPR Threshold = 0x00
[  260.101366] EPT pointer = 0x000000016d1ef01e
10:00:09 executing program 4:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, 0x0)
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x30)

10:00:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000000))

10:00:09 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)

10:00:09 executing program 3:
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x663d3e087008c798, 0x0)

10:00:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  260.427675] *** Guest State ***
[  260.431105] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  260.440115] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  260.449053] CR3 = 0x0000000000000000
[  260.452883] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  260.458934] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  260.465021] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  260.471827] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  260.479840] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  260.488005] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  260.496166] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  260.504351] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  260.512468] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  260.520489] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  260.528582] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  260.536647] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  260.544734] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  260.552777] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  260.559357] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  260.566917] Interruptibility = 00000000  ActivityState = 00000000
[  260.573196] *** Host State ***
[  260.576416] RIP = 0xffffffff812b177c  RSP = 0xffff88812cdbf380
[  260.582524] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  260.588994] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  260.596929] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  260.602895] CR0=0000000080050033 CR3=000000016c5ca000 CR4=00000000001426f0
[  260.609978] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  260.616722] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  260.622860] *** Control State ***
[  260.626353] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  260.633171] EntryControls=0000d1ff ExitControls=002fefff
[  260.638665] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  260.645777] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  260.652524] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  260.659151]         reason=80000021 qualification=0000000000000000
[  260.665569] IDTVectoring: info=00000000 errcode=00000000
[  260.671039] TSC Offset = 0xffffff707e3e1d52
[  260.675497] TPR Threshold = 0x00
10:00:09 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:09 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5419, 0x0)

10:00:09 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001540)={0x0, 0x0, 0x0})

10:00:09 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

10:00:09 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(0xffffffffffffffff, r2, 0x0)

[  260.678889] EPT pointer = 0x000000016c45e01e
10:00:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:09 executing program 2:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)=ANY=[], 0xffffff3e)
fallocate(r2, 0x10, 0x0, 0xcd55)
close(r2)
fdatasync(0xffffffffffffffff)
sendmsg$key(r2, 0x0, 0x80)

10:00:09 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'sit0\x00', <r1=>0x0})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000140)=0x110, 0x4)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0)

10:00:10 executing program 4:

[  260.986068] *** Guest State ***
[  260.989500] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  260.998669] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  261.007737] CR3 = 0x0000000000000000
[  261.011492] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  261.017565] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  261.023658] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  261.030407] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  261.038503] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.046588] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.054772] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.062852] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.070873] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.078940] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  261.087043] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  261.095209] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  261.103300] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  261.111305] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  261.117847] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  261.125396] Interruptibility = 00000000  ActivityState = 00000000
[  261.131726] *** Host State ***
10:00:10 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f00000000c0)='cgroup.subtree_control\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$cgroup_subtree(r1, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$cgroup_subtree(r1, &(0x7f0000000000)={[{0x2d, 'cpu'}]}, 0x5)

[  261.134956] RIP = 0xffffffff812b177c  RSP = 0xffff88816c78f380
[  261.141075] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  261.147630] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  261.155527] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  261.161454] CR0=0000000080050033 CR3=00000001aecbe000 CR4=00000000001426e0
[  261.168600] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  261.175394] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  261.181476] *** Control State ***
[  261.185077] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  261.191829] EntryControls=0000d1ff ExitControls=002fefff
[  261.197310] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  261.204556] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  261.211274] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  261.217972]         reason=80000021 qualification=0000000000000000
[  261.224370] IDTVectoring: info=00000000 errcode=00000000
[  261.229850] TSC Offset = 0xffffff7032e9a8a8
10:00:10 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)

[  261.234287] TPR Threshold = 0x00
[  261.237690] EPT pointer = 0x000000016d08c01e
10:00:10 executing program 4:
socketpair$unix(0x1, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x9, 0x19, 0x6, 0x4, 0x0, 0xffffffffffffff9c}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000140))
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0xe400000000000000, 0x77fffb, 0x0, 0x820000, 0x0}, 0x2c)

10:00:10 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:10 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='maps\x00')
sendfile(r0, r1, &(0x7f0000000000)=0x100000, 0x100000001)

10:00:10 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x20, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, "25cbac736409c4fc5ac1ab0634d8b9b02d2b0feaba8a6087555fd86edb7f3d9c"})

10:00:10 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)

10:00:10 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  261.711865] *** Guest State ***
[  261.715344] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  261.724434] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  261.733401] CR3 = 0x0000000000000000
[  261.737157] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  261.743204] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  261.749211] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  261.756007] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  261.764119] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.772205] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.780212] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.788284] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.796372] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  261.804562] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  261.812631] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  261.820650] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  261.828788] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  261.836855] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  261.843360] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  261.850843] Interruptibility = 00000000  ActivityState = 00000000
[  261.857239] *** Host State ***
[  261.860472] RIP = 0xffffffff812b177c  RSP = 0xffff888125faf380
[  261.866565] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  261.873161] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  261.880988] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  261.886989] CR0=0000000080050033 CR3=000000012cee4000 CR4=00000000001426f0
[  261.894144] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  261.900839] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  261.906987] *** Control State ***
10:00:10 executing program 4:

[  261.910493] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  261.917271] EntryControls=0000d1ff ExitControls=002fefff
[  261.922801] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  261.929751] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  261.936541] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  261.943207]         reason=80000021 qualification=0000000000000000
[  261.949545] IDTVectoring: info=00000000 errcode=00000000
[  261.955250] TSC Offset = 0xffffff6fcf2e1a06
[  261.959593] TPR Threshold = 0x00
[  261.963075] EPT pointer = 0x000000012f53601e
10:00:11 executing program 2:

10:00:11 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3)
write$binfmt_misc(r2, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67)
sendfile(r1, r2, &(0x7f0000000000), 0xffff)
fcntl$addseals(r2, 0x409, 0x8)
fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d80), 0x24, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)

10:00:11 executing program 4:

10:00:11 executing program 3:

10:00:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:11 executing program 4:

[  262.305291] *** Guest State ***
[  262.308707] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  262.317846] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  262.326810] CR3 = 0x0000000000000000
[  262.330753] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  262.336825] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  262.342997] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  262.349754] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  262.357868] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.366065] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.374166] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.382307] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.390307] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.398368] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  262.406440] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  262.414572] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  262.422625] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  262.430608] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  262.437112] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  262.444675] Interruptibility = 00000000  ActivityState = 00000000
[  262.450926] *** Host State ***
[  262.454215] RIP = 0xffffffff812b177c  RSP = 0xffff88816dfff380
[  262.460216] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  262.466707] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  262.474569] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  262.480473] CR0=0000000080050033 CR3=000000012f6c1000 CR4=00000000001426e0
[  262.487577] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  262.494344] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  262.500424] *** Control State ***
[  262.503972] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  262.510664] EntryControls=0000d1ff ExitControls=002fefff
[  262.516204] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  262.523204] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  262.529875] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  262.536527]         reason=80000021 qualification=0000000000000000
[  262.543051] IDTVectoring: info=00000000 errcode=00000000
[  262.548653] TSC Offset = 0xffffff6f8005005c
[  262.553078] TPR Threshold = 0x00
[  262.556548] EPT pointer = 0x000000016db3701e
10:00:11 executing program 4:

10:00:11 executing program 2:

10:00:11 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:11 executing program 3:

10:00:11 executing program 0:

10:00:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:11 executing program 4:

10:00:11 executing program 0:

10:00:11 executing program 3:

10:00:11 executing program 2:

[  262.852258] *** Guest State ***
[  262.855683] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  262.864715] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  262.873670] CR3 = 0x0000000000000000
[  262.877463] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  262.883565] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  262.889582] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  262.896405] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  262.904669] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.912786] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.920801] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.928912] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.937008] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  262.945273] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  262.953361] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  262.961464] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  262.969623] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  262.977830] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  262.984366] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  262.991908] Interruptibility = 00000000  ActivityState = 00000000
[  262.998163] *** Host State ***
10:00:12 executing program 3:

10:00:12 executing program 0:

[  263.001402] RIP = 0xffffffff812b177c  RSP = 0xffff88816d31f380
[  263.007531] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  263.014042] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  263.021975] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  263.027988] CR0=0000000080050033 CR3=0000000125e43000 CR4=00000000001426e0
[  263.035166] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  263.041933] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  263.048013] *** Control State ***
10:00:12 executing program 2:

[  263.051500] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  263.058429] EntryControls=0000d1ff ExitControls=002fefff
[  263.063978] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  263.070989] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  263.077792] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  263.084462]         reason=80000021 qualification=0000000000000000
[  263.090813] IDTVectoring: info=00000000 errcode=00000000
[  263.096395] TSC Offset = 0xffffff6f34a2e767
[  263.100744] TPR Threshold = 0x00
[  263.104221] EPT pointer = 0x000000017a25501e
10:00:12 executing program 4:

10:00:12 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:12 executing program 3:

10:00:12 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x7a, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x80284504, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, "020003fe042b5263def344f6d300000000000050ea0000018000000000002100"})

10:00:12 executing program 2:

10:00:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c12")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:12 executing program 4:

10:00:12 executing program 2:

[  263.653817] *** Guest State ***
[  263.657219] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  263.666364] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  263.675294] CR3 = 0x0000000000000000
[  263.679025] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  263.685096] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  263.691119] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  263.697908] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  263.705990] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  263.714241] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  263.722342] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  263.730356] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  263.738425] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  263.746569] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  263.754663] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  263.762966] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  263.770993] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  263.779119] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  263.785605] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  263.793184] Interruptibility = 00000000  ActivityState = 00000000
[  263.799452] *** Host State ***
[  263.802776] RIP = 0xffffffff812b177c  RSP = 0xffff88812f56f380
[  263.808916] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  263.815479] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  263.823360] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  263.829283] CR0=0000000080050033 CR3=000000012c600000 CR4=00000000001426f0
[  263.836440] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  263.843355] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  263.849439] *** Control State ***
[  263.853041] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  263.859773] EntryControls=0000d1ff ExitControls=002fefff
[  263.865338] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  263.872362] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  263.879069] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  263.885765]         reason=80000021 qualification=0000000000000000
[  263.892163] IDTVectoring: info=00000000 errcode=00000000
[  263.897647] TSC Offset = 0xffffff6ec48fdafb
10:00:12 executing program 2:

10:00:12 executing program 4:

10:00:12 executing program 3:

[  263.902161] TPR Threshold = 0x00
[  263.905551] EPT pointer = 0x000000019cbd501e
10:00:13 executing program 3:

10:00:13 executing program 2:

10:00:13 executing program 2:

10:00:13 executing program 4:

10:00:13 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0xfffffffffffffffe)
accept(r0, 0x0, &(0x7f0000000200))
dup2(0xffffffffffffffff, r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:13 executing program 0:

10:00:13 executing program 3:

10:00:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c12")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  264.525198] *** Guest State ***
[  264.528709] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  264.537769] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  264.546690] CR3 = 0x0000000000000000
[  264.550432] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  264.556558] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  264.562636] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  264.569340] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  264.577547] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  264.585630] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  264.593732] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  264.601814] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  264.609826] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  264.617918] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  264.626098] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  264.634201] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  264.642275] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  264.650274] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  264.656809] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  264.664338] Interruptibility = 00000000  ActivityState = 00000000
[  264.670681] *** Host State ***
[  264.673999] RIP = 0xffffffff812b177c  RSP = 0xffff88816e54f380
[  264.680028] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  264.686574] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  264.694485] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  264.700506] CR0=0000000080050033 CR3=000000019c775000 CR4=00000000001426f0
[  264.707658] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  264.714504] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  264.720577] *** Control State ***
10:00:13 executing program 4:

10:00:13 executing program 0:

10:00:13 executing program 3:

10:00:13 executing program 2:

[  264.724180] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  264.730868] EntryControls=0000d1ff ExitControls=002fefff
[  264.736477] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  264.743571] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  264.750275] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  264.757022]         reason=80000021 qualification=0000000000000000
[  264.763457] IDTVectoring: info=00000000 errcode=00000000
[  264.769040] TSC Offset = 0xffffff6e4dbf5076
[  264.773493] TPR Threshold = 0x00
[  264.776979] EPT pointer = 0x000000017143e01e
10:00:13 executing program 4:

10:00:13 executing program 3:

10:00:13 executing program 0:

10:00:13 executing program 2:

10:00:14 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0xfffffffffffffffe)
accept(r0, 0x0, &(0x7f0000000200))
dup2(0xffffffffffffffff, r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:14 executing program 4:

10:00:14 executing program 2:

10:00:14 executing program 3:

10:00:14 executing program 0:

10:00:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c12")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  265.425239] *** Guest State ***
[  265.428647] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  265.437673] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  265.446635] CR3 = 0x0000000000000000
[  265.450390] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  265.456485] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  265.462581] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  265.469282] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  265.477384] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  265.485487] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  265.493606] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  265.501715] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  265.509729] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  265.517807] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
10:00:14 executing program 4:

10:00:14 executing program 3:

10:00:14 executing program 0:

[  265.525887] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  265.534033] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  265.542175] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  265.550196] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  265.556732] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  265.564286] Interruptibility = 00000000  ActivityState = 00000000
[  265.570628] *** Host State ***
10:00:14 executing program 2:

[  265.573964] RIP = 0xffffffff812b177c  RSP = 0xffff88816dfff380
[  265.579981] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  265.586552] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  265.594515] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  265.600453] CR0=0000000080050033 CR3=000000019b9e4000 CR4=00000000001426f0
[  265.607599] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  265.614460] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  265.620562] *** Control State ***
[  265.624238] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  265.630934] EntryControls=0000d1ff ExitControls=002fefff
[  265.636515] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  265.643561] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  265.650367] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  265.657085]         reason=80000021 qualification=0000000000000000
[  265.663501] IDTVectoring: info=00000000 errcode=00000000
[  265.668992] TSC Offset = 0xffffff6dd219d865
[  265.673551] TPR Threshold = 0x00
[  265.676949] EPT pointer = 0x000000019bae901e
10:00:14 executing program 4:

10:00:14 executing program 0:

10:00:15 executing program 2:

10:00:15 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0xfffffffffffffffe)
accept(r1, 0x0, &(0x7f0000000200))
dup2(r0, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c12628571")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:15 executing program 4:

10:00:15 executing program 0:

10:00:15 executing program 3:

[  266.310692] *** Guest State ***
[  266.314363] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  266.323342] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  266.332325] CR3 = 0x0000000000000000
[  266.336075] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  266.342161] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  266.348171] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  266.354984] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  266.363080] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  266.371149] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  266.379265] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  266.387357] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  266.395580] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  266.403656] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  266.411754] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  266.419770] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  266.427901] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  266.436110] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  266.442716] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  266.450231] Interruptibility = 00000000  ActivityState = 00000000
[  266.456558] *** Host State ***
[  266.459802] RIP = 0xffffffff812b177c  RSP = 0xffff88816e54f380
[  266.465889] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  266.472401] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  266.480229] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  266.486250] CR0=0000000080050033 CR3=00000001a2cb7000 CR4=00000000001426f0
[  266.493403] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  266.500119] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  266.506339] *** Control State ***
[  266.509824] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  266.516628] EntryControls=0000d1ff ExitControls=002fefff
[  266.522177] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  266.529137] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  266.535931] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  266.542596]         reason=80000021 qualification=0000000000000000
[  266.548938] IDTVectoring: info=00000000 errcode=00000000
[  266.554621] TSC Offset = 0xffffff6d57bf0cf7
10:00:15 executing program 4:

10:00:15 executing program 0:

10:00:15 executing program 2:

10:00:15 executing program 3:

[  266.558963] TPR Threshold = 0x00
[  266.562474] EPT pointer = 0x000000016c6b601e
10:00:15 executing program 2:

10:00:15 executing program 0:

10:00:15 executing program 3:

10:00:16 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0xfffffffffffffffe)
accept(r1, 0x0, &(0x7f0000000200))
dup2(r0, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:16 executing program 4:

10:00:16 executing program 2:

10:00:16 executing program 3:

10:00:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c12628571")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:16 executing program 0:

[  267.249369] *** Guest State ***
[  267.252897] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  267.261917] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  267.270783] CR3 = 0x0000000000000000
[  267.274631] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  267.280693] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  267.286821] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  267.294603] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  267.302722] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  267.310740] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  267.318841] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  267.326928] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  267.335003] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  267.343084] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  267.351110] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  267.359205] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  267.367338] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  267.375427] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  267.382150] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  267.389750] Interruptibility = 00000000  ActivityState = 00000000
[  267.396185] *** Host State ***
[  267.399503] RIP = 0xffffffff812b177c  RSP = 0xffff88812cdbf380
[  267.405636] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  267.412150] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  267.419992] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  267.426008] CR0=0000000080050033 CR3=000000019c864000 CR4=00000000001426f0
[  267.433148] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  267.439944] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  267.446126] *** Control State ***
[  267.449630] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  267.456418] EntryControls=0000d1ff ExitControls=002fefff
[  267.461963] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  267.468922] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  267.475714] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  267.482397]         reason=80000021 qualification=0000000000000000
[  267.488861] IDTVectoring: info=00000000 errcode=00000000
[  267.494440] TSC Offset = 0xffffff6cd8df3a2c
10:00:16 executing program 4:

10:00:16 executing program 0:

10:00:16 executing program 2:

10:00:16 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x2957, &(0x7f0000000000))

10:00:16 executing program 0:

10:00:16 executing program 4:

[  267.498874] TPR Threshold = 0x00
[  267.502359] EPT pointer = 0x000000016c5db01e
10:00:17 executing program 4:

10:00:17 executing program 2:

10:00:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c12628571")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:17 executing program 0:

10:00:17 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0xfffffffffffffffe)
accept(r1, 0x0, &(0x7f0000000200))
dup2(r0, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:17 executing program 3:

[  268.137833] *** Guest State ***
[  268.141293] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  268.150316] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  268.159250] CR3 = 0x0000000000000000
[  268.163058] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  268.169076] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  268.175234] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:17 executing program 2:

10:00:17 executing program 0:

10:00:17 executing program 3:

[  268.182029] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  268.190048] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  268.198165] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  268.206350] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  268.214629] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  268.222840] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  268.230843] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  268.239205] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  268.247359] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  268.255515] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  268.263593] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  268.270030] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  268.277579] Interruptibility = 00000000  ActivityState = 00000000
[  268.284179] *** Host State ***
10:00:17 executing program 4:

[  268.287425] RIP = 0xffffffff812b177c  RSP = 0xffff88812cdbf380
[  268.293517] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  268.299960] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  268.307951] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  268.314016] CR0=0000000080050033 CR3=000000016ce1c000 CR4=00000000001426f0
[  268.321081] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  268.327889] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  268.334050] *** Control State ***
[  268.337546] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  268.344357] EntryControls=0000d1ff ExitControls=002fefff
[  268.349938] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  268.357060] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  268.363829] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  268.370436]         reason=80000021 qualification=0000000000000000
[  268.376890] IDTVectoring: info=00000000 errcode=00000000
[  268.382441] TSC Offset = 0xffffff6c5ec089e3
10:00:17 executing program 4:

[  268.386785] TPR Threshold = 0x00
[  268.390177] EPT pointer = 0x000000016db3701e
10:00:17 executing program 0:

10:00:17 executing program 2:

10:00:18 executing program 4:

10:00:18 executing program 3:

10:00:18 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:18 executing program 0:

10:00:18 executing program 2:

10:00:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c1262857180")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:18 executing program 3:

10:00:18 executing program 0:

10:00:18 executing program 2:

10:00:18 executing program 4:

[  269.172857] *** Guest State ***
[  269.176310] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  269.185313] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  269.194237] CR3 = 0x0000000000000000
[  269.197982] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  269.204056] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  269.210078] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  269.216980] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  269.225158] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  269.233265] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  269.241860] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  269.250050] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  269.258224] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  269.266336] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  269.274435] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  269.282499] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  269.290599] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  269.298692] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  269.305189] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  269.312752] Interruptibility = 00000000  ActivityState = 00000000
[  269.319001] *** Host State ***
10:00:18 executing program 2:

10:00:18 executing program 3:

[  269.322313] RIP = 0xffffffff812b177c  RSP = 0xffff88812ceff380
[  269.328356] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  269.334898] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  269.342784] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  269.348704] CR0=0000000080050033 CR3=000000016cc0d000 CR4=00000000001426e0
[  269.355832] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  269.362592] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  269.368671] *** Control State ***
10:00:18 executing program 0:

[  269.372241] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  269.378956] EntryControls=0000d1ff ExitControls=002fefff
[  269.384508] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  269.391465] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  269.398361] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  269.405020]         reason=80000021 qualification=0000000000000000
[  269.411369] IDTVectoring: info=00000000 errcode=00000000
[  269.416923] TSC Offset = 0xffffff6bd0421673
10:00:18 executing program 2:

[  269.421266] TPR Threshold = 0x00
[  269.424726] EPT pointer = 0x000000012c25e01e
10:00:18 executing program 3:

10:00:18 executing program 4:

10:00:18 executing program 0:

10:00:18 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:18 executing program 2:

10:00:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c1262857180")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  269.950549] *** Guest State ***
[  269.954197] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  269.963292] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  269.972230] CR3 = 0x0000000000000000
[  269.975995] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  269.982114] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  269.988212] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  269.995073] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  270.003184] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.011209] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.019346] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.027446] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.035574] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
10:00:19 executing program 2:

10:00:19 executing program 4:

10:00:19 executing program 0:

10:00:19 executing program 3:

[  270.043675] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  270.051789] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  270.059799] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  270.067918] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  270.076449] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  270.082983] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  270.090469] Interruptibility = 00000000  ActivityState = 00000000
[  270.096805] *** Host State ***
[  270.100038] RIP = 0xffffffff812b177c  RSP = 0xffff8881a098f380
[  270.106199] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  270.112733] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  270.120570] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  270.126609] CR0=0000000080050033 CR3=000000016fde3000 CR4=00000000001426f0
[  270.133741] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  270.140443] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  270.146624] *** Control State ***
[  270.150114] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  270.156922] EntryControls=0000d1ff ExitControls=002fefff
[  270.162475] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  270.169433] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  270.176201] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  270.182861]         reason=80000021 qualification=0000000000000000
[  270.189203] IDTVectoring: info=00000000 errcode=00000000
[  270.194856] TSC Offset = 0xffffff6b668d908e
10:00:19 executing program 2:

[  270.199286] TPR Threshold = 0x00
[  270.202752] EPT pointer = 0x000000016db9301e
10:00:19 executing program 4:

10:00:19 executing program 3:

10:00:19 executing program 0:

10:00:19 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:19 executing program 2:

10:00:19 executing program 4:

10:00:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c1262857180")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:19 executing program 0:

10:00:19 executing program 3:

[  270.828767] *** Guest State ***
[  270.832400] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  270.841372] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  270.850336] CR3 = 0x0000000000000000
[  270.854152] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  270.860171] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  270.866284] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:19 executing program 2:

10:00:19 executing program 0:

[  270.873089] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  270.881182] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.889511] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.897607] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.905722] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  270.913799] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
10:00:20 executing program 4:

[  270.921894] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  270.929914] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  270.938037] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  270.946154] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  270.954264] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  270.960717] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  270.968301] Interruptibility = 00000000  ActivityState = 00000000
[  270.974615] *** Host State ***
10:00:20 executing program 3:

[  270.977848] RIP = 0xffffffff812b177c  RSP = 0xffff88816db2f380
[  270.983990] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  270.990439] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  270.998346] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  271.004387] CR0=0000000080050033 CR3=0000000125fdf000 CR4=00000000001426f0
[  271.011444] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  271.018261] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  271.024407] *** Control State ***
[  271.027893] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  271.034692] EntryControls=0000d1ff ExitControls=002fefff
[  271.040196] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  271.047281] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  271.054142] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  271.060755]         reason=80000021 qualification=0000000000000000
[  271.067195] IDTVectoring: info=00000000 errcode=00000000
[  271.073197] TSC Offset = 0xffffff6aecede226
[  271.077537] TPR Threshold = 0x00
[  271.080930] EPT pointer = 0x000000016dd5801e
10:00:20 executing program 2:

10:00:20 executing program 0:

10:00:20 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(0xffffffffffffffff, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:20 executing program 4:

10:00:20 executing program 3:

10:00:20 executing program 0:

10:00:20 executing program 2:

10:00:20 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:20 executing program 4:

10:00:20 executing program 2:

10:00:20 executing program 0:

10:00:20 executing program 3:

10:00:20 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:21 executing program 4:

10:00:21 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(0xffffffffffffffff, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:21 executing program 2:

10:00:21 executing program 0:

10:00:21 executing program 3:

10:00:21 executing program 4:

10:00:21 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:21 executing program 0:

10:00:21 executing program 3:

10:00:21 executing program 2:

10:00:21 executing program 4:

10:00:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:21 executing program 0:

10:00:21 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(0xffffffffffffffff, 0xfffffffffffffffe)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:21 executing program 2:

10:00:21 executing program 3:

10:00:21 executing program 0:

10:00:21 executing program 4:

10:00:21 executing program 2:

10:00:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:21 executing program 3:

10:00:21 executing program 0:

10:00:21 executing program 4:

10:00:22 executing program 2:

10:00:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:22 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
accept(r2, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:22 executing program 0:

10:00:22 executing program 3:

10:00:22 executing program 4:

10:00:22 executing program 2:

10:00:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:22 executing program 2:

10:00:22 executing program 0:

10:00:22 executing program 3:

10:00:22 executing program 4:

10:00:22 executing program 3:

10:00:22 executing program 0:

10:00:22 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:22 executing program 2:

10:00:22 executing program 4:

10:00:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:22 executing program 3:

10:00:22 executing program 0:

10:00:23 executing program 2:

10:00:23 executing program 3:

10:00:23 executing program 0:

10:00:23 executing program 4:

10:00:23 executing program 3:

10:00:23 executing program 0:

10:00:23 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:23 executing program 4:

10:00:23 executing program 2:

10:00:23 executing program 0:

10:00:23 executing program 3:

10:00:23 executing program 2:

10:00:23 executing program 4:

10:00:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:23 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000200))
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:23 executing program 2:
r0 = getpid()
sched_setattr(r0, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f0000000080)=ANY=[], 0xffdbc2ca)
link(&(0x7f0000000600)='./file0\x00', &(0x7f0000000580)='./file1/file0\x00')
unlink(0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)

10:00:23 executing program 3:
write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a)

10:00:24 executing program 0:

10:00:24 executing program 4:

10:00:24 executing program 0:

10:00:24 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
accept(r2, 0x0, 0x0)
dup2(r0, r2)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:24 executing program 4:

10:00:24 executing program 3:

10:00:24 executing program 0:
creat(0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl(r0, 0xffffffffffffffb4, &(0x7f0000000300))

10:00:24 executing program 4:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/attr/current\x00', 0x2, 0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

10:00:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480))
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:24 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rtc\x00', 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x7003, 0x0)
preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/116, 0x74}], 0x1, 0x0)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)

10:00:24 executing program 2:

10:00:24 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$UI_DEV_SETUP(r0, 0xc06855c8, 0x0)

10:00:24 executing program 3:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001480)={{{@in, @in6=@loopback}}, {{@in6=@local}, 0x0, @in=@loopback}}, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rtc\x00', 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x7003, 0x0)
preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/116, 0x74}], 0x1, 0x0)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)

10:00:24 executing program 0:

10:00:24 executing program 3:

10:00:25 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:25 executing program 2:

10:00:25 executing program 3:

10:00:25 executing program 0:

10:00:25 executing program 2:
r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x1ff, 0x6)
ppoll(&(0x7f0000000080)=[{r0}], 0x1, 0x0, 0x0, 0x0)
write$P9_RREAD(r0, &(0x7f0000000780)={0xb}, 0xb)

10:00:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:25 executing program 3:
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x2000, 0x0)
dup3(r0, r1, 0x0)

10:00:25 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioprio_set$uid(0x0, 0x0, 0x0)

10:00:25 executing program 2:
sched_setaffinity(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x663d3e087008c798, 0x0)

10:00:25 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioprio_set$uid(0x0, 0x0, 0x86)

10:00:25 executing program 0:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rfkill\x00', 0x0, 0x0)
read$FUSE(r0, 0x0, 0x18c)

10:00:25 executing program 4:

[  276.750061] *** Guest State ***
[  276.753628] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  276.762637] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  276.771757] CR3 = 0x0000000000000000
[  276.775550] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  276.781554] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  276.787727] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  276.794522] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  276.802597] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  276.810648] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  276.818776] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  276.826901] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  276.835008] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  276.843076] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  276.851263] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  276.859446] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  276.867523] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  276.875619] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  276.882124] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  276.889850] Interruptibility = 00000000  ActivityState = 00000000
[  276.896530] *** Host State ***
[  276.899765] RIP = 0xffffffff812b177c  RSP = 0xffff8881227cf380
[  276.905868] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  276.912351] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  276.920176] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  276.926175] CR0=0000000080050033 CR3=000000016fef4000 CR4=00000000001426e0
[  276.933311] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  276.940025] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  276.946195] *** Control State ***
[  276.949682] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  276.956457] EntryControls=0000d1ff ExitControls=002fefff
[  276.962095] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  276.969056] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  276.975836] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  276.982495]         reason=80000021 qualification=0000000000000000
[  276.988842] IDTVectoring: info=00000000 errcode=00000000
[  276.994390] TSC Offset = 0xffffff67c3c3833c
10:00:26 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:26 executing program 4:
r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
getpgid(0x0)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x200000000, 'queue1\x00', 0x7fffffff})
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76)
sched_setaffinity(0x0, 0x8, &(0x7f0000000540)=0x5)
syz_open_dev$vcsa(0x0, 0x5, 0x0)

10:00:26 executing program 2:
sched_setaffinity(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x0)

10:00:26 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(des3_ede)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendto$unix(r1, &(0x7f0000000180)="e79e5be8a322e021a962dba966d99c1d041bfe3def8faf4f884cc2eba8a8e8bd75f949f3b766690d02a499b7bac494e97a85934e930617a64d0a9d5dbe769b6021463c2a1d9e3e77074b5742e5df8f587d6a32604a94b930496e40bb6245f2569bf6bfa69c00cfc1dc83acc2857edae0a1cdb86b1961750146b13252dd9bedc8dbdbee9d02d9454b13a36ec86c7ad8c87e7a3e9f8c8b91bd32a7cb0678c796c7ef6077a081d7c9def99efe885cf521f65ff42b67fe037778a9c9dbc4a5aa8db056feddb484fc0600a08298649037225fefe6d5b82b47e3b77ebc7486ee8fdd70444dc95cdab9f41e218a5ffff20c6af56963621b0000000000000000000000", 0xff, 0x8000, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000004c0)=""/255, 0xff}], 0x1}}], 0x1, 0x0, 0x0)

10:00:26 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
getpriority(0x1, 0x0)

[  276.998754] TPR Threshold = 0x00
[  277.002229] EPT pointer = 0x000000012ccd201e
10:00:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:26 executing program 2:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x1000, 0xffffffffffffffff)

10:00:26 executing program 3:
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @multicast1}, 0x10)
shmget$private(0x0, 0x2000, 0x7c001149, &(0x7f0000953000/0x2000)=nil)
shmat(0x0, &(0x7f0000952000/0x2000)=nil, 0x4000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @empty}, 0x10)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @empty, 0x8001}}}, 0x30)
lsetxattr$security_capability(0x0, 0x0, &(0x7f0000000100), 0xc, 0x0)

[  277.250561] *** Guest State ***
[  277.254076] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  277.263046] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  277.272032] CR3 = 0x0000000000000000
[  277.275784] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  277.281839] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  277.287845] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  277.294642] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  277.302814] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  277.310834] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  277.318919] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  277.327206] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  277.335397] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  277.343474] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  277.351495] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  277.359653] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  277.367730] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  277.375793] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  277.382297] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  277.389779] Interruptibility = 00000000  ActivityState = 00000000
[  277.396224] *** Host State ***
[  277.399468] RIP = 0xffffffff812b177c  RSP = 0xffff88812f5ff380
[  277.406592] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  277.413214] FSBase=00007fb6c7b3c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  277.421053] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  277.427107] CR0=0000000080050033 CR3=000000012f72f000 CR4=00000000001426f0
[  277.434248] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  277.440964] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  277.447167] *** Control State ***
[  277.450650] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  277.457532] EntryControls=0000d1ff ExitControls=002fefff
[  277.463216] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  277.470173] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  277.476958] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  277.483622]         reason=80000021 qualification=0000000000000000
[  277.489970] IDTVectoring: info=00000000 errcode=00000000
[  277.495663] TSC Offset = 0xffffff677cf8c3e6
10:00:26 executing program 2:
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
shmat(0x0, &(0x7f0000952000/0x2000)=nil, 0x4000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0x7fffffff, @empty, 0x8001}}}, 0x30)

10:00:26 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$invalidate(0x15, r0)

10:00:26 executing program 3:
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000024c0)=""/206, 0xce}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='comm\x00')
ioperm(0xa477, 0xd0f, 0x0)
preadv(r0, &(0x7f00000017c0), 0xef, 0x0)

[  277.500008] TPR Threshold = 0x00
[  277.503512] EPT pointer = 0x0000000121d5001e
10:00:26 executing program 0:
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000002240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$link(0x8, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000840)=ANY=[], 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='comm\x00')
add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000340)={'syz'}, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
ptrace$peekuser(0x3, 0x0, 0x0)
keyctl$dh_compute(0x17, 0x0, &(0x7f0000000240)=""/240, 0xf0, 0x0)
preadv(r0, &(0x7f00000017c0), 0xef, 0x0)
fstat(0xffffffffffffffff, 0x0)
keyctl$clear(0x7, 0x0)
ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000640))
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x101, 0x0)

10:00:27 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x2800)

10:00:27 executing program 4:
r0 = syz_open_dev$sndseq(&(0x7f00004cfff3)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000006fa8)={{0x0, 0xa0000001}})
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

10:00:27 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, 0x0)
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:27 executing program 3:
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000440), 0x0, &(0x7f00000001c0)}, 0x0)
recvfrom$unix(0xffffffffffffffff, &(0x7f00000001c0)=""/187, 0xbb, 0x40, 0x0, 0xfffffffffffffe77)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1c, &(0x7f0000000080)={@loopback, <r0=>0x0}, &(0x7f0000000100)=0x14)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000280)={@local, 0x63, r0})
ioctl$sock_ifreq(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_flags})

10:00:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:27 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000002000)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f0000006f3d)=""/195}, 0x48)

10:00:27 executing program 0:
waitid(0x0, 0x0, 0x0, 0x8, 0x0)

[  278.058461] IPVS: ftp: loaded support on port[0] = 21
[  278.174091] *** Guest State ***
[  278.177534] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  278.186553] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  278.195484] CR3 = 0x0000000000000000
[  278.198271] IPVS: ftp: loaded support on port[0] = 21
[  278.199227] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  278.210447] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  278.216560] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:27 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x15, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="006340400100000000000000000000000000000000"], 0x0, 0x0, 0x0})

[  278.223311] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  278.231349] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  278.239903] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  278.247960] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  278.256079] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  278.264180] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  278.272261] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  278.280272] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  278.288365] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  278.296448] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  278.304506] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  278.310946] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  278.318478] Interruptibility = 00000000  ActivityState = 00000000
[  278.324786] *** Host State ***
[  278.328017] RIP = 0xffffffff812b177c  RSP = 0xffff88812186f380
[  278.334105] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  278.340564] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  278.348463] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  278.354431] CR0=0000000080050033 CR3=0000000120632000 CR4=00000000001426e0
[  278.361473] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  278.368230] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  278.374384] *** Control State ***
[  278.377868] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  278.384628] EntryControls=0000d1ff ExitControls=002fefff
[  278.390129] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  278.390488] binder: release 10410:10411 transaction 12 out, still active
[  278.397141] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  278.397160] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  278.397178]         reason=80000021 qualification=0000000000000000
[  278.397193] IDTVectoring: info=00000000 errcode=00000000
[  278.397207] TSC Offset = 0xffffff66fe490c02
[  278.397218] TPR Threshold = 0x00
[  278.397234] EPT pointer = 0x000000012a40601e
[  278.441830] binder: unexpected work type, 4, not freed
[  278.447134] binder: undelivered TRANSACTION_COMPLETE
[  278.454064] binder: 10410:10412 transaction failed 29189/-22, size 0-0 line 2834
10:00:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x1, 0x0, 0xa483ad41a879dde0)

[  278.469684] binder_alloc: binder_alloc_mmap_handler: 10410 20001000-20004000 already mapped failed -16
[  278.481098] binder: BINDER_SET_CONTEXT_MGR already set
[  278.486625] binder: 10410:10411 ioctl 40046207 0 returned -16
[  278.492928] binder_alloc: 10410: binder_alloc_buf, no vma
[  278.498660] binder: 10410:10412 transaction failed 29189/-3, size 24-8 line 2973
[  278.508134] binder: 10410:10412 got transaction to invalid handle
[  278.514574] binder: 10410:10412 transaction failed 29201/-22, size 0-0 line 2834
10:00:27 executing program 3:
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f00000002c0)=""/4096)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
clone(0x2e828903, 0x0, &(0x7f00000000c0), 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8000000000000014)
wait4(0x0, 0x0, 0x0, 0x0)

[  278.536541] binder: undelivered TRANSACTION_ERROR: 29189
[  278.547117] binder: undelivered TRANSACTION_ERROR: 29201
[  278.552949] binder: undelivered TRANSACTION_ERROR: 29189
[  278.558497] binder: send failed reply for transaction 12, target dead
10:00:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:27 executing program 2:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, 0x0, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400000007a181, 0x0)
pipe(0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

10:00:27 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1}, 0x100)
write$binfmt_elf64(r0, &(0x7f0000001640)=ANY=[], 0xf5aab446)
sched_setaffinity(0x0, 0x0, 0x0)
mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x0)

10:00:27 executing program 3:
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
clone(0x2e828903, 0x0, &(0x7f00000000c0), 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8000000000000014)
wait4(0x0, 0x0, 0x0, 0x0)

10:00:27 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
clone(0x2e828903, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8000000000000014)
wait4(0x0, 0x0, 0x0, &(0x7f0000000280))

10:00:27 executing program 4:
faccessat(0xffffffffffffffff, &(0x7f0000000040)='/', 0x0, 0x0)

10:00:28 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x1f6)

10:00:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:28 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x80247008, &(0x7f0000000040))

10:00:28 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key(&(0x7f0000000080)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)

10:00:28 executing program 4:
unshare(0x28020400)

[  279.097439] *** Guest State ***
[  279.100864] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  279.109872] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  279.118888] CR3 = 0x0000000000000000
[  279.122715] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  279.128718] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  279.134816] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  279.141578] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  279.149786] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.157859] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.166063] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.174153] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.182260] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
10:00:28 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000080)='.\x00', 0xfe)
creat(&(0x7f0000001400)='./bus\x00', 0x0)

10:00:28 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = open(&(0x7f00007e2ff8)='./file0\x00', 0x140, 0x0)
r2 = open(&(0x7f0000002c00)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$setlease(r1, 0x400, 0x2)
socket(0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)

[  279.190266] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  279.198449] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  279.206514] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  279.214604] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  279.222670] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  279.229134] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  279.236710] Interruptibility = 00000000  ActivityState = 00000000
[  279.243514] *** Host State ***
[  279.246752] RIP = 0xffffffff812b177c  RSP = 0xffff88812194f380
[  279.252854] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  279.259306] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  279.267349] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  279.273335] CR0=0000000080050033 CR3=00000001211a4000 CR4=00000000001426e0
[  279.280500] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  279.287301] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  279.293435] *** Control State ***
[  279.296920] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  279.303708] EntryControls=0000d1ff ExitControls=002fefff
[  279.309210] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  279.316249] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  279.323008] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  279.329645]         reason=80000021 qualification=0000000000000000
[  279.336094] IDTVectoring: info=00000000 errcode=00000000
[  279.341702] TSC Offset = 0xffffff667f0739d6
[  279.346055] TPR Threshold = 0x08
[  279.349466] EPT pointer = 0x000000013109201e
10:00:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  279.553855] *** Guest State ***
[  279.557367] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  279.566395] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  279.575420] CR3 = 0x0000000000000000
[  279.579157] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  279.585248] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  279.591266] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  279.598184] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  279.606262] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.614459] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.622567] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.630594] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.638699] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  279.646778] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  279.654873] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  279.662946] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  279.670975] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  279.679079] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  279.685579] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  279.693154] Interruptibility = 00000000  ActivityState = 00000000
[  279.699397] *** Host State ***
[  279.702668] RIP = 0xffffffff812b177c  RSP = 0xffff888120c6f380
[  279.708684] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  279.715214] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  279.723109] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  279.729035] CR0=0000000080050033 CR3=000000012a42a000 CR4=00000000001426e0
[  279.736190] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  279.742942] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  279.749025] *** Control State ***
[  279.752597] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  279.759300] EntryControls=0000d1ff ExitControls=002fefff
[  279.764863] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  279.771874] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  279.778569] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  279.785265]         reason=80000021 qualification=0000000000000000
[  279.791688] IDTVectoring: info=00000000 errcode=00000000
[  279.797171] TSC Offset = 0xffffff6640e17785
[  279.801515] TPR Threshold = 0x08
10:00:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x3)
poll(&(0x7f0000000300)=[{r1}], 0x1, 0x0)

10:00:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)=0x2)
readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/180, 0x20000234}], 0x1)

10:00:28 executing program 4:
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x1ff, 0x1)
ppoll(&(0x7f00000000c0)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000000)="a4", 0x1}], 0x1, 0x0)

10:00:28 executing program 3:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = dup2(r0, r0)
write$tun(r1, 0x0, 0x0)

[  279.804985] EPT pointer = 0x00000001227aa01e
10:00:29 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, 0x0, 0x0, 0x1f6)

10:00:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080))
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:29 executing program 4:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x80247009, &(0x7f0000000040))

10:00:29 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x80247009, 0x0)

10:00:29 executing program 0:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00\'\xe1\xfd\xb4\xabo\xe7\xdb\xffSe\xd8\xa0\x96]1\xa98\xb3\xd9\xdb\xd5O\xd9b\xd7\xa1\x8c\xcb\x9b\"\xf2/\xeb\xf1\xf9\xbc\xd0\xed\xe2\xe1\xc9w\xc0;\x8dz\xd8\x8a,9\xd2\xedoY\xdcM\xe6\xb2S\x16\x1d\xc0\xfd\xaa\xeem\x8e\xf6\x18\x8e\xbb4\xab\x93\xa4\x89l\xdb\fh\x92i\xd6\xed\xe8\x1f3\xb3\xa1\xb0^\xfeA3\xf7h\xac$\xce\xe2P;xB\xf3\xba\n4(\xbc\xcd\xea\xfe\xba\xc8\xb3y\x99h1k\xc3\xc3\x00\xca\xb3\xf57\x85\x9f)?\x9bJ\x02n\x92)\x04\x92b\xb4\x89]\xf9Gn\xe6J\xa4\xda%\xed(fU\x90A\x19\x90\x14\xba\r\x94\x05\x9c\x8ez\x94\xc3^\xb05v\xfa\xc3D\xbf\x14\xf9\xef\x18', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
execveat(r0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x1000)

10:00:29 executing program 4:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

[  280.262230] *** Guest State ***
[  280.265815] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  280.274836] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  280.283765] CR3 = 0x0000000000000000
[  280.287512] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  280.293696] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  280.299705] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  280.306479] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  280.314554] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  280.322632] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  280.330653] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  280.338797] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  280.346899] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  280.354979] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  280.363045] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  280.371065] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  280.379179] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  280.387242] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  280.393772] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  280.401364] Interruptibility = 00000000  ActivityState = 00000000
[  280.407676] *** Host State ***
[  280.410903] RIP = 0xffffffff812b177c  RSP = 0xffff888122b5f380
[  280.417018] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  280.423527] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  280.431360] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  280.437379] CR0=0000000080050033 CR3=0000000122b63000 CR4=00000000001426e0
[  280.444517] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  280.451223] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  280.457374] *** Control State ***
10:00:29 executing program 3:
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)

10:00:29 executing program 4:
get_robust_list(0x0, &(0x7f0000000b80)=0x0, &(0x7f0000000bc0))

[  280.460861] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  280.467699] EntryControls=0000d1ff ExitControls=002fefff
[  280.473254] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  280.480213] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  280.486990] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  280.493677]         reason=80000021 qualification=0000000000000000
[  280.500024] IDTVectoring: info=00000000 errcode=00000000
[  280.505711] TSC Offset = 0xffffff65e158165e
[  280.510060] TPR Threshold = 0x00
[  280.513540] EPT pointer = 0x0000000120c9701e
10:00:29 executing program 0:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300030c000000000000f58200000002000900400000000000bc0000000000030006000000000002000000e0000054d81458186fe8b9000200010000000100000002020e044a7b030005000000000002000000e0003f010000000000fca0d9"], 0x60}}, 0x0)

10:00:29 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
close(r0)
close(r1)

10:00:29 executing program 3:
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00')
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/user\x00')

10:00:29 executing program 4:
r0 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$key(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300030c000000000000f58200000002000900400000000000bc0000000000030006000000000002000000e0000054d81458186fe8b9000200010000000100000002020e044a7b030005000000000002000000e0003f010000000000fca0d9"], 0x60}}, 0x0)

[  280.876615] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
10:00:30 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, 0x0, 0x0, 0x1f6)

10:00:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080))
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x4004ae99, 0x0)

10:00:30 executing program 2:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}, {0x0}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080))
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:30 executing program 0:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x31)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x1e})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x0)

10:00:30 executing program 3:
io_setup(0x100000001, &(0x7f0000000000)=<r0=>0x0)
io_getevents(r0, 0x0, 0x0, 0x0, 0x0)

10:00:30 executing program 4:
r0 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$key(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300030c000000000000f58200000002000900400000000000bc0000000000030006000000000002000000e0000054d81458186fe8b9000200010000000100000002020e044a7b030005000000000002000000e0003f010000000000fca0d9"], 0x60}}, 0x0)

10:00:30 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x40004100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  281.374634] ptrace attach of "/root/syz-executor0"[10584] was attempted by "/root/syz-executor0"[10589]
10:00:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:30 executing program 2:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0)
ioctl$UI_END_FF_UPLOAD(r0, 0x406855c9, &(0x7f0000000080)={0x0, 0x0, {0x0, 0x0, 0x0, {}, {}, @ramp}, {0x0, 0x0, 0x0, {}, {}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}}})

10:00:30 executing program 3:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x4, &(0x7f0000000240))

[  281.570349] IPVS: ftp: loaded support on port[0] = 21
[  281.740258] IPVS: ftp: loaded support on port[0] = 21
10:00:31 executing program 4:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/\t\x04s/netcipv4/vs/secureWt\xb3\xf5i\'uC\xdc\x10\xebcp\x00\x85wm\x00\xc3\x88\x7fL6*f3O3h\xf1\x80\x06F\x80kvq\xf6&\x98\xa1\x17\xcf7\a\bCK\"lby\xd6\xb2\xb6L\x90\x95\xd9t\xbd\x1e\a&\xc5}\b\xb3\xb7\xd9m\xf3\x06%Zt\x020&\xf0\xcd\xe4\"w\x13e\xea\xe3\xc1XhF\xff6\fd.\xad\xf670\xff\xa6\x95$\xa3\xa9\xc7{-3\x83\xe1\xbf\x82\x015k\xb4\xf5\x02\'\xec\x19PS\x95\x8e@\x90\xa1\xa3\xb6\x86\x89!61o\xa0\xc7{_\xba\xbb\x9a6\x88\xd4\xa8\xcb\xf4\r\xdc.^\x9f\xc4I{z\xc5\xd9\xdb\x8e\xb1\xf6\f\x7f\x84(\x92\x1d\x1f\x99', 0x2, 0x0)

10:00:31 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, 0x0, 0x0, 0x1f6)

10:00:31 executing program 2:
r0 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
epoll_create(0x0)

10:00:31 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
close(r0)
close(r1)

10:00:31 executing program 3:
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000001540)=@raw={'raw\x00', 0x9, 0x3, 0x268, 0x0, 0x138, 0x0, 0x138, 0x0, 0x210, 0x210, 0x210, 0x210, 0x210, 0x3, &(0x7f00000003c0), {[{{@ip={@empty, @multicast1, 0xffffff00, 0xff, 'bcsh0\x00', 'veth1_to_bond\x00', {}, {0xff}, 0x7f, 0x0, 0x2}, 0x0, 0x98, 0xf8}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x234, 0x8, [0x8, 0x33, 0x3e, 0x34, 0x3e, 0x3f, 0x0, 0x2e, 0x24, 0x1d, 0x34, 0x0, 0x8, 0x25, 0x3c, 0x6], 0x0, 0x5f}}}, {{@uncond, 0x0, 0x98, 0xd8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "b258cd8177f5859b0a981ec6e7a6333c42ecda25bf93981ad964cb46d9dd"}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0}, 0x8000)
socketpair(0x5, 0x0, 0x1000, &(0x7f0000000000))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
timer_create(0x6, &(0x7f0000000280)={0x0, 0x7, 0x3}, &(0x7f0000000380))
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0xff4a)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x20032600)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a0f, 0x1700)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
accept4$inet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000002c0)=0x10, 0x80000)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)

[  282.074705] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
10:00:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x100)

10:00:31 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vlan0\x00@\x00\x00\x00\x00\x00\x00\x00\x00 ', 0xd803})
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'vlan0\x00\x00\xf6\xff\xff\xff\xff\xff\xff\xff\x00', {0x2, 0x0, @local}})

10:00:31 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_REGS(r2, 0x4138ae84, &(0x7f0000000280))

10:00:31 executing program 0:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}], 0x1}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  282.455100] picdev_read: 262 callbacks suppressed
[  282.455110] kvm: pic: non byte read
[  282.503462] kvm: pic: non byte read
[  282.520518] kvm: pic: non byte read
[  282.532477] kvm: pic: non byte read
10:00:31 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:31 executing program 3:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}, {0x0}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:31 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc018ae85, &(0x7f0000000180)={0x0, 0xfdfdffff})

10:00:31 executing program 2:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$getownex(r0, 0x3, &(0x7f0000000200)={0x0, <r1=>0x0})
readv(0xffffffffffffffff, 0x0, 0xffffffffffffff50)
syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/user\x00')

[  282.556543] kvm: pic: non byte read
[  282.569398] kvm: pic: non byte read
[  282.607766] kvm: pic: non byte read
[  282.638756] kvm: pic: non byte read
[  282.691407] kvm: pic: non byte read
[  282.718553] kvm: pic: non byte read
[  282.738868] *** Guest State ***
[  282.742371] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  282.751256] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  282.760313] CR3 = 0x0000000000000000
[  282.764122] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  282.770130] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  282.776331] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  282.783155] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  282.791181] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  282.799276] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  282.807421] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  282.815509] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  282.823586] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  282.831679] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  282.839695] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  282.847769] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  282.855867] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  282.863943] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  282.870381] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  282.877932] Interruptibility = 00000000  ActivityState = 00000000
[  282.884247] *** Host State ***
[  282.887472] RIP = 0xffffffff812b177c  RSP = 0xffff88811f79f380
[  282.893564] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  282.900007] FSBase=00007fb6c7b3c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  282.907998] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  282.913981] CR0=0000000080050033 CR3=000000012b548000 CR4=00000000001426e0
[  282.921033] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  282.927852] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  282.934114] *** Control State ***
[  282.937600] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  282.944399] EntryControls=0000d1ff ExitControls=002fefff
[  282.949936] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  282.956996] VMEntry: intr_info=80000083 errcode=00000000 ilen=00000000
[  282.963866] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001
[  282.970477]         reason=80000021 qualification=0000000000000000
[  282.977038] IDTVectoring: info=00000000 errcode=00000000
[  282.982587] TSC Offset = 0xffffff648e5b3550
[  282.986933] TPR Threshold = 0x00
[  282.990324] EPT pointer = 0x000000011dc6301e
10:00:32 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000), 0x0, 0x1f6)

10:00:32 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0x4)
write$P9_RREMOVE(r2, &(0x7f0000000280), 0xff7f)
r3 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r4, 0x2081fc)
pipe(&(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
write(r6, &(0x7f00000001c0), 0xfffffef3)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0)
read(r5, &(0x7f0000000000)=""/250, 0x128b9372)
r7 = open(&(0x7f0000000500)='./bus\x00', 0x141042, 0x0)
r8 = getpgrp(0x0)
ptrace$peekuser(0x3, r8, 0x7)
fcntl$lock(r2, 0x0, &(0x7f00000001c0)={0x0, 0x4, 0x8, 0x7, r8})
fcntl$setstatus(r7, 0x4, 0x0)
write$FUSE_WRITE(r7, &(0x7f0000000080)={0x18}, 0x18)
madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
fcntl$setstatus(r3, 0x4, 0x6100)
fdatasync(r2)
write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0xf642e7e)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_SERVICE(r3, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000020}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r9, 0x404, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x81}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3, 0x4}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040844}, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2})

10:00:32 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x2, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000340)={{0x2, 0x0, @dev}, {0x0, @random="5d982d051370"}, 0x0, {0x2, 0x0, @multicast1}, 'veth0_to_bridge\x00'})
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x3f8)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000))

[  283.176711] kvm [10638]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000014 data 0x0
[  283.211824] kvm [10638]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000000a data 0x0
10:00:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x44, 0x0, &(0x7f0000000400)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x10000000, 0x0})

10:00:32 executing program 0:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
syz_open_procfs(0x0, 0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

[  283.370434] binder: 10681:10682 transaction failed 29189/-22, size 0-0 line 2834
[  283.427715] binder_alloc: binder_alloc_mmap_handler: 10681 20001000-20003000 already mapped failed -16
10:00:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x2, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
write$P9_RSTATFS(r0, &(0x7f00000000c0)={0x43}, 0x43)
r1 = syz_open_pts(r0, 0x0)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000340)={{0x2, 0x0, @dev}, {0x0, @random="5d982d051370"}, 0x0, {0x2, 0x0, @multicast1}, 'veth0_to_bridge\x00'})
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x3f8)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x15})

[  283.473213] binder: 10681:10689 transaction failed 29189/-22, size 0-0 line 2834
[  283.476455] kvm [10650]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000024 data 0x0
[  283.494931] binder: undelivered TRANSACTION_ERROR: 29189
[  283.503968] binder: undelivered TRANSACTION_ERROR: 29189
10:00:32 executing program 2:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(0xffffffffffffffff)
close(r0)
readv(0xffffffffffffffff, 0x0, 0xbc6ada0ca8f63fcb)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000780))
getpeername$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f00000000c0)={0x0, @multicast1, 0x0, 0x0, 'rr\x00', 0x10}, 0x2c)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, 0x0, 0x0)
r1 = shmget(0x1, 0x3000, 0x78000010, &(0x7f0000ffa000/0x3000)=nil)
shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000200)=""/169)
poll(&(0x7f0000000080)=[{}], 0x1, 0x0)

10:00:32 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername(0xffffffffffffffff, 0x0, 0x0)
r1 = gettid()
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
socket$unix(0x1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
shmctl$SHM_INFO(0x0, 0xe, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, &(0x7f0000000040), 0x4)
tkill(r1, 0x1000000000016)

10:00:32 executing program 2:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = semget$private(0x0, 0x0, 0x0)
semctl$GETZCNT(r1, 0x0, 0xf, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
recvmmsg(r0, &(0x7f0000000640)=[{{&(0x7f0000000300)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
syncfs(0xffffffffffffffff)
dup3(r0, r2, 0x0)
rt_sigsuspend(0x0, 0x0)
mmap$perf(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, 0x0, 0x0)
fsync(0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f0000000080), 0xc)

10:00:33 executing program 3:
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440))
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x10000014c)
epoll_create(0x6)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x3, 0x3, 0xff, 0x8, 0x3, 0xd1}, &(0x7f0000000080)=0x20)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000340), 0xc, 0x0}, 0x400c080)

10:00:33 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f00000004c0)=ANY=[@ANYBLOB="00020401000700000000000000000000003b"], 0x1)
sendmmsg(r1, &(0x7f00000092c0), 0x170, 0x0)

10:00:33 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000), 0x0, 0x1f6)

10:00:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x202a})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000240)={'eql\x00\x00\x00\xa9[\x00', @ifru_map={0x1ff}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

[  284.195223] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  284.202090] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
10:00:33 executing program 4:
gettid()
inotify_init1(0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2, 0x0)
semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe)
semop(0x0, 0x0, 0x0)
write$P9_RFLUSH(r0, 0x0, 0xce)

10:00:33 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:33 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0x0, 0x0})
sendfile(r1, r0, &(0x7f0000000180)=0xff0f, 0x80000000)

10:00:33 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xf5)
ioctl(r0, 0x1000008912, &(0x7f00000046c0)="0a5c2d023c126285718070")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000340)='P', 0x1}], 0x1)

10:00:33 executing program 4:
r0 = socket$inet(0x2, 0xa, 0x0)
sendmsg(r0, &(0x7f0000000880)={&(0x7f0000000080)=@pppol2tpv3in6, 0x80, 0x0}, 0x0)

10:00:33 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0)
r1 = dup2(r0, r0)
open(0x0, 0x0, 0x0)
accept$unix(0xffffffffffffffff, 0x0, 0x0)
fchmod(0xffffffffffffffff, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, 0x0)
getsockname$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000000)={0x401, 0x7, 0x2}, 0x14)

[  284.751195] syz-executor4 uses obsolete (PF_INET,SOCK_PACKET)
10:00:33 executing program 2:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0)
accept4$inet(r0, &(0x7f0000000180)={0x2, 0x0, @empty}, 0x0, 0x80800)
close(0xffffffffffffffff)
close(r1)
readv(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000780))
getpeername$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, 0x0, 0x0)
poll(&(0x7f0000000080), 0x0, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x0, 0x0, 0x0)
getegid()
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f00000001c0), 0x4)

10:00:33 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
seccomp(0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  284.938313] kauditd_printk_skb: 3 callbacks suppressed
[  284.938336] audit: type=1326 audit(1545645633.983:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10761 comm="syz-executor0" exe="/root/syz-executor0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a4ca code=0x0
10:00:34 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0x7, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x6c00000000000000, 0x0, 0x0, 0x7, 0xffffffb5}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48)

10:00:34 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000), 0x0, 0x1f6)

10:00:34 executing program 4:
r0 = socket$kcm(0x29, 0x0, 0x0)
close(r0)
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x3, 0x70, 0x3e6, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.events\x00', 0x0, 0x0)
write$cgroup_int(r2, &(0x7f0000000580)=0x7, 0x12)
r3 = openat$cgroup_ro(r2, &(0x7f00000005c0)='io.Z\xef\x1fO\x006y\xb5\xa0\xa9C\x8fV\xf2\xbfygl)\x8bet\xdb\xa3u\xa9t\xb5\x18[ub5\xc0\xa7H\x18\x83\xa3\xd8\xdc\x13\x04\x11\x83I.d\xe0\xa3\x13\xd7\x97\'\xe4q5g\xa2\xd9\r\x96.T\xf2\x9bI\x9b\x15N\x87\xf8\xdbL$|m\xd9\xe8\xae\xd3*a,\xf0\xb5G\xaf\xd4\xe5]\x11\x9f\x87\x92\xbe?~#\x89U\xcf\xe11%\xc1\xfc\xc4lG\x1c\x80\x00_V\x84\x99\xc8\xb2k\xcc:\xf1\xff\x00\x00\xccJ]\xdf\xbd\x8b\x7f(Rp\xb2\xb0Pw\xf9\x7f\xfc\b\xae\xc9\xe3()\xc8Qe\xfb3\x93\xa5v\xe5\xce\x18\xe7CYdc\x8e^\x058\x04\x17\b\xa0$\xaa\x93\xa3\x8c\xe6\xed\xb5\xd1\xce\xb4\x1d\xe4\xc3\xb3\xbf\x13\xa4\xd9@\b\x02\x9d/gC#\xe3=i\xa1!\xff\xb0\x1f\xb8\xc7i\x009', 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000100)={r2})
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0\x00', 0x0, 0x8}, 0x10)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000380)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0xc, &(0x7f0000000080), 0x4)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000500)}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\xdc\x00', 0x200091})
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000440)={r3})
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080)='GPL\x00')
ioctl$TUNSETVNETLE(r5, 0x400454dc, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0xfffffffffffffffc, 0x4001, 0x0, 0x8d4, 0x20, 0x1, 0x2}, 0x2c)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000140)={r5})
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r6)
socketpair(0x2000800000001, 0x40000000000001, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
mkdirat$cgroup(r3, &(0x7f0000000280)='syz1\x00', 0x1ff)
ioctl$sock_kcm_SIOCKCMUNATTACH(r7, 0x5452, &(0x7f0000000000))
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_int(r8, &(0x7f00000000c0), 0xffffff19)
close(r7)
socket$kcm(0x29, 0x0, 0x0)

10:00:34 executing program 2:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x9}, 0xfffffffffffffd43)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000400)=[{&(0x7f00000000c0)="a87022ec4fd53c7bd7fb8535da4300000000c22b7b6f5af87d98ce827ccbaf893f11159bece05cca", 0x28}], 0x1}, 0x0)

10:00:34 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f0, &(0x7f0000000080)='GPL\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x0)

10:00:34 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:34 executing program 3:
syz_emit_ethernet(0x66, &(0x7f0000000080)={@empty=[0x2b], @remote, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x18}, @local}, @gre={{0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x8100}}}}}}, 0x0)

10:00:34 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)
sendmmsg(r0, &(0x7f0000000240), 0x5c3, 0x0)

10:00:34 executing program 2:
utimes(0x0, &(0x7f0000000080)={{}, {0x0, 0x9}})
msgrcv(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="5cbd544199c3641cff02"], 0x1, 0x0, 0x0)
r0 = socket$inet6(0x18, 0x2, 0x0)
connect(r0, &(0x7f0000000080)=@un=@abs={0x25af90167d5e1800}, 0x1c)
writev(r0, &(0x7f0000001580)=[{&(0x7f0000000280)="6b1254b8c9a3ecce6671f17b8ac728091deb3968fc84d0e412191a5ad6ad1e6e920e1e784fa78d183da8f864288a145f768fd9027c85f985e5fedd2a8d5c8bcbef8e6c60112805479c9e600c538ed91a510401bc29f97612e95a0a1f8b9a2981621df1a0280f773511065bc14b3142cb4a7c836e216dae39f9101a095190b82e696513f774b5ce88d066eaa87d3b86fab996e7c4986de4a0d9c3d7f4cdd04a04550a49ca16f7f163e10615fa6f8ef8a3d1d7898e16d99ec266db01d0010c03d047e382c3460decd076176f46cd28627a00cf77980660f994a85af0ad7da460d5a022021060ca113fb683dad48a83d6cb576f34d8b583b814734dc11077f3df1d3a2b03800fb2bca5867fefa52610cf9fb443de729b1253b0c3b57036172bfc3c491139b06dfbc45ec63555008f74019f92c02f33da7bb48b14295e4b756711d52f69ccb6dbaba7741adf64ddb6a5abb9ad5773481a5428ea4d65582489e72dfa562ddc956fcaafbcb00863aacaf47542cf9cb4780b80fd0e7b89c06edd4325b1a5227d52c97be3da907511d0caa6a62b4aeaea8cbb3e187383713413a76adef0a870f43cfe82f3cb639ec86717bb2ac48168f8ab7f3dd75fdba347eb154596e42662ac52ef78ec78ebf116e0c809299e8dfefad621ee250f9ecc5ee08767979067639a4fab1abf8bee1a1d7268ef006f753dfea6f7323ee6d2b7e6166d553a845d06a2536bf50ff1518b131c5bb1dd192107ea5f1a767d8aec62c227a5853d3703fed538e209f43145717e63f7b7ee2536d75ada1de9cd517156527f28b0a5e03a6a78cdc6d9869ab03e1ca3133f10e527c7f08ecaeaa1d3f73885a2d3597917cc010f3dec06238f5b3fe0e2ebb1f04be69096d91a40afc1d6cb633957e9620850ee15041f99983ab774ede8f8f1a29b407e24f9d7c300c9d86da09f2c557296b9b64afcb5c185b512e47d88a2818430f5a92c1d357595dd266ebd5302413d8de2720820baf673e9663765931c5811e161a9d0cec09db2e58805fa677180379204a1f66f8cef77f6768975dc1b0e6250274e2732bd8fbb994fc50feb42b2f35579bf07159ee9951fede7b155a565f80c5be795b82d0ab776cd535c15295e8124fda4cb316c0646f4a25ca9904f07003e067b97dc98db9d9c8b361ffc08588d8e4739e7baa52f2984d44b2adc03ff7cfd506f422e517eeefae7724e9397f25d4a102a47ff40868f2853e7deabb3a3f92e5aaa74ab4f3fb6e644cb75f70de7ee395d1f4003d5de9e76f62bcbf2ad5888f5c88022ef7fd324ad6415c063500ac7d2050d3400a57f371aa83d4b5644d80f1fed2dff6551ddabd31a6a08076fcf7bdb5dd13f9ce8e53245e58918884877830d2a97ea14a0b805ee7326a542d64209b604defc9a49a378425b9ad6c50e17ab827def2eb2ada463fb67aa9c1d46fafe0ac11b8b25b5b05b1e37172d27a76d7775bd726a8752754871c235d2c79b3c4a1f6e083a84311982a367e334241e52fd0f23f77aec1f9116e5c1013c30f7e69867a1a1ca42f657678cb7a9a987eb08c802cc46dfdeede316fb3bbb6298313d84", 0x45f}], 0x1)

10:00:34 executing program 3:
syz_emit_ethernet(0x66, &(0x7f0000000080)={@empty=[0x2b], @remote, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x18}, @local}, @gre={{0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x8100}}}}}}, 0x0)

10:00:34 executing program 3:
r0 = open(&(0x7f0000000380)='./file0\x00', 0x12a02, 0x0)
lseek(r0, 0x0, 0x7ffff)
write(r0, &(0x7f0000000000)='j', 0x1)
lseek(r0, 0x0, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/121, 0x79}, {&(0x7f0000000100)=""/10, 0x197}, {&(0x7f0000000140)=""/61, 0xea}, {&(0x7f0000000180)=""/188, 0xfffffecd}, {&(0x7f0000000240)=""/110, 0x6e}], 0x5)
pwritev(r0, &(0x7f0000001640)=[{&(0x7f00000016c0)="11671c327ae694e70dafcad67e1e8a6203d71c7625dfaedcbfc3c1f017556d7bca1eedb8e7535cd3e4172b10bf4cef37f75cc3b75e2552aa264bf8602987cd4c620dda456492f1a12168c346ca2d9bd2fd94a111e2545f7094f1330960e65d6dff3f45d244ef74d850b313cfa2caa7be61fe06fe6a0e4c2ae8392a019379376f06b40e6f16986b1a744f7c0d3673ccb6ffc65661069eed7209f645f2b5962bb4edc20d2ca585774092f24f0a29b229dbc4c30ea106c5b8d58e304a5523a834c458a2c404dddf1a264fe798bc32647e52", 0xd0}], 0x1, 0x0)

[  285.697064] audit: type=1326 audit(1545645634.743:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10761 comm="syz-executor0" exe="/root/syz-executor0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a4ca code=0x0
10:00:34 executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f023c123f3188a070")
r1 = socket(0x10, 0x2, 0xc)
write(r1, &(0x7f0000000140)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f)
write(r1, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305010008000100020423dcffdf00", 0x1f)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0)

10:00:34 executing program 3:
setuid(0xee01)
r0 = semget(0x1, 0x5, 0x0)
semctl$SETVAL(r0, 0x0, 0x8, 0x0)

[  285.849274] netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
[  285.861061] netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
[  285.872985] netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
10:00:34 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x1f6)

10:00:34 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='GPL\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x0)

[  285.905510] netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
10:00:35 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], 0x0}, 0x48)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x1800000000000000, 0x3d, 0x0, &(0x7f0000000000)="b90703e6680d698cb89e40f02cead5dc57ee41dea43e63a377fb8a977c3f1d1756be5143d84648a27f11c72be049eb4be1977d486a72d7363417ef6c90", 0x0, 0x28}, 0x28)

10:00:35 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee6e6ffbf150000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070410000400f9ffad43010000000000950000000000000005000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x4}, 0x48)

10:00:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

10:00:35 executing program 0:
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000017c0)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x4, @ipv4={[], [], @multicast1}}, 0x80, 0x0}, 0x0)

10:00:35 executing program 4:

10:00:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

10:00:35 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, 0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x5, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0063404001"], 0x0, 0x0, 0x0})

10:00:35 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x1ff, 0x1)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000740)="a44a536b6af5aee596dfc4cfeafedcf21f55ea3f6a7ca2e3a9fac2cb499e33bae75a49395d01b3710c4cebc7d1a5bfab17063bc3456e7352c824b74c40c5b3fabe92b0769c4389181f90e79c108b8d7f9aaa270eb89565fe81cc1565cbc1c7b4dc203129ff5f6c05869e", 0x6a}], 0x1, 0x0)

10:00:35 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xa, 0xc, 0x100000000000914, 0x1}, 0x2c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair(0x0, 0x0, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x29, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000000), 0x0}, 0x20)

[  286.670247] binder_alloc: 10851: binder_alloc_buf, no vma
[  286.676107] binder: 10851:10854 transaction failed 29189/-3, size 0-0 line 2973
10:00:35 executing program 2:

10:00:35 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x1f6)

10:00:35 executing program 3:

10:00:35 executing program 2:

10:00:35 executing program 4:

10:00:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x3)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

10:00:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x802, 0x88)
sendmsg$kcm(r1, &(0x7f0000000240)={&(0x7f0000000080)=@in6={0xa, 0x4e24, 0x0, @mcast2, 0x9}, 0x80, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="3800000000000000290000000400000078040401000000c0073510fbff0000b408000000fab77117210000002000200000ff7f7634ad165d"], 0x38}, 0x8000)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000100)=@nl=@unspec, 0x80, &(0x7f0000000040)=[{&(0x7f0000000280)}], 0x1}, 0x0)

[  286.871224] binder: undelivered TRANSACTION_ERROR: 29189
[  286.876982] binder: send failed reply for transaction 21 to 10851:10854
[  286.905650] binder: undelivered TRANSACTION_COMPLETE
[  286.910950] binder: undelivered TRANSACTION_ERROR: 29189
10:00:36 executing program 2:

10:00:36 executing program 4:

10:00:36 executing program 3:

10:00:36 executing program 0:

10:00:36 executing program 4:

10:00:36 executing program 3:

10:00:36 executing program 2:

10:00:36 executing program 5:

10:00:36 executing program 0:

10:00:36 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x1f6)

10:00:36 executing program 4:

10:00:36 executing program 3:

10:00:37 executing program 2:

10:00:37 executing program 4:

10:00:37 executing program 5:

10:00:37 executing program 0:

10:00:37 executing program 3:

10:00:37 executing program 3:

10:00:37 executing program 4:

10:00:37 executing program 2:

10:00:37 executing program 5:

10:00:37 executing program 0:

10:00:37 executing program 3:

10:00:37 executing program 4:

10:00:37 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x0)

10:00:37 executing program 2:

10:00:37 executing program 0:

10:00:37 executing program 5:

10:00:37 executing program 4:

10:00:37 executing program 2:

10:00:37 executing program 3:

10:00:38 executing program 0:

10:00:38 executing program 3:
pipe2(0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0xfffffffffffffe08)
fstat(0xffffffffffffffff, 0x0)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
accept(0xffffffffffffffff, 0x0, 0x0)
r0 = semget(0xffffffffffffffff, 0x0, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
connect(0xffffffffffffffff, 0x0, 0x0)
pipe(0x0)
ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, 0x0)
r1 = gettid()
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
clock_gettime(0x0, 0x0)
io_setup(0x0, 0x0)
io_setup(0x0, 0x0)
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x1000000000016)

10:00:38 executing program 5:

10:00:38 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x0)

10:00:38 executing program 4:

10:00:38 executing program 2:

10:00:38 executing program 5:

10:00:38 executing program 0:

10:00:38 executing program 3:

10:00:38 executing program 5:

10:00:38 executing program 2:

10:00:38 executing program 0:

10:00:38 executing program 3:

10:00:38 executing program 4:

10:00:39 executing program 5:

10:00:39 executing program 1:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x0)

10:00:39 executing program 4:

10:00:39 executing program 2:

10:00:39 executing program 3:

10:00:39 executing program 0:

10:00:39 executing program 5:

10:00:39 executing program 0:

10:00:39 executing program 3:

10:00:39 executing program 2:

10:00:39 executing program 5:

10:00:39 executing program 4:

10:00:39 executing program 0:

10:00:40 executing program 0:

10:00:40 executing program 3:

10:00:40 executing program 5:

10:00:40 executing program 4:

10:00:40 executing program 2:

10:00:40 executing program 1:

10:00:40 executing program 5:

10:00:40 executing program 3:

10:00:40 executing program 0:

10:00:40 executing program 2:

10:00:40 executing program 4:

10:00:40 executing program 1:

10:00:40 executing program 3:

10:00:40 executing program 5:

10:00:40 executing program 2:

10:00:40 executing program 0:

10:00:40 executing program 4:

10:00:41 executing program 1:

10:00:41 executing program 3:

10:00:41 executing program 5:

10:00:41 executing program 0:

10:00:41 executing program 4:

10:00:41 executing program 2:

10:00:41 executing program 1:

10:00:41 executing program 3:

10:00:41 executing program 0:

10:00:41 executing program 5:

10:00:41 executing program 4:

10:00:41 executing program 3:

10:00:41 executing program 0:

10:00:41 executing program 2:

10:00:41 executing program 1:

10:00:41 executing program 4:

10:00:41 executing program 5:

10:00:41 executing program 0:

10:00:41 executing program 2:

10:00:41 executing program 3:

10:00:41 executing program 4:

10:00:41 executing program 0:

10:00:41 executing program 1:

10:00:41 executing program 2:

10:00:41 executing program 5:

10:00:42 executing program 0:
r0 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={'syz'}, 0x0, 0x0, r0)
keyctl$revoke(0x3, r1)

10:00:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x2, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x3f8)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x15})

10:00:42 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000))

10:00:42 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000000))

10:00:42 executing program 5:

10:00:42 executing program 2:

10:00:42 executing program 0:

10:00:42 executing program 4:

10:00:42 executing program 2:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000007000/0x6000)=nil, 0x6000, 0x7, 0x11, r0, 0x0)
madvise(&(0x7f0000007000/0x4000)=nil, 0x4000, 0x9)

10:00:42 executing program 5:
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000007000/0x6000)=nil, 0x6000, 0x7, 0x11, r0, 0x0)
madvise(&(0x7f0000007000/0x4000)=nil, 0x4000, 0x9)

10:00:42 executing program 1:
syslog(0x3, &(0x7f0000000100)=""/137, 0x89)

10:00:42 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x8000000001)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x6}, 0x2c)
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x2c)

10:00:42 executing program 0:

10:00:42 executing program 3:

10:00:42 executing program 2:

10:00:42 executing program 5:

10:00:42 executing program 3:

10:00:42 executing program 4:

10:00:42 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001})
ppoll(&(0x7f00000000c0)=[{r1}], 0x1, &(0x7f0000000100)={0x0, 0x1c9c380}, 0x0, 0x0)

10:00:42 executing program 2:
seccomp(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffb}]})
creat(0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(des3_ede)\x00'}, 0x58)
syz_open_procfs(0x0, 0x0)
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlockall()
accept4(r0, 0x0, 0x0, 0x10000080800)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getpgrp(0x0)

10:00:42 executing program 5:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r1, 0x0)

10:00:43 executing program 3:
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
dup3(r0, r1, 0x0)

10:00:43 executing program 1:
sched_setaffinity(0x0, 0x8, &(0x7f0000000540)=0x5)
perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
shmctl$IPC_RMID(0x0, 0x0)

10:00:43 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
dup3(r1, r0, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}], 0x1, 0x0, 0x0, 0x0)

10:00:43 executing program 3:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rfkill\x00', 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)
open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000007000/0x6000)=nil, 0x6000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

10:00:43 executing program 0:
r0 = gettid()
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12}, &(0x7f0000000100))
syslog(0x2, &(0x7f00000001c0)=""/185, 0x3db)
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0)
tkill(r0, 0x15)

[  294.109505] audit: type=1326 audit(1545645643.153:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11146 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a4ca code=0xffff0000
10:00:43 executing program 1:
creat(0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
munlockall()

10:00:43 executing program 3:
socket$inet6(0xa, 0x0, 0x3)
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)
ioctl(0xffffffffffffffff, 0x0, 0x0)

10:00:43 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x3)
r1 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r3, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"})
write$sndseq(r1, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")

10:00:43 executing program 1:
socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, 0x0)
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
munlockall()

10:00:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000002c0))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0xffffffff80000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={'bond0\x00\x00\x00\x00\xf9\x8b\x00'})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$swradio(0x0, 0xffffffffffffffff, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  294.784443] audit: type=1326 audit(1545645643.833:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11146 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a4ca code=0xffff0000
[  294.785811] pit: kvm: requested 3352 ns i8254 timer period limited to 200000 ns
10:00:43 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc})
ppoll(&(0x7f00000000c0)=[{r1}], 0x1, &(0x7f0000000100)={0x0, 0x1c9c380}, 0x0, 0x0)

[  294.955070] pit: kvm: requested 56990 ns i8254 timer period limited to 200000 ns
[  294.974212] pit: kvm: requested 43580 ns i8254 timer period limited to 200000 ns
[  294.995786] pit: kvm: requested 30171 ns i8254 timer period limited to 200000 ns
[  295.011880] pit: kvm: requested 30171 ns i8254 timer period limited to 200000 ns
[  295.047155] pit: kvm: requested 3352 ns i8254 timer period limited to 200000 ns
10:00:44 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x1ff, 0x1)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000740)="a4", 0x1}], 0x1, 0x0)

10:00:44 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2902001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8)
r0 = getpid()
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x0, 0x0)
setsockopt$inet_tcp_buf(r1, 0x6, 0xe, &(0x7f00000003c0)="e8cc855fb0ea131348", 0x9)
rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0))
ptrace(0x10, r0)
r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x7, 0x303000)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f00000008c0)=ANY=[], 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000400)={0x6, @win={{0x5, 0xd47e, 0x5, 0x3bd}, 0xf, 0x10001, &(0x7f00000002c0)={{0x6, 0x100000001, 0x8001, 0xff}, &(0x7f0000000280)={{0x2140000, 0x5, 0x2, 0x3}}}, 0x6, &(0x7f0000000300)="d1f8da6c03c76a9619259215451f80aaa101a60df664aec43c91465b8568035226efb7346d1ccdcb9a3903e9d7da91c558696a5991f7c12b11b79dd7c05d1261017dcab33289da190cac451b723733110362c30a38948854cb", 0x80}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc)
ptrace$pokeuser(0x6, 0x0, 0x0, 0x1f)

10:00:44 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x1ff, &(0x7f00000000c0)=<r0=>0x0)
io_pgetevents(r0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x77359400}, 0x0)
rt_sigprocmask(0x0, 0x0, &(0x7f0000000400), 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000700)={{{@in6, @in6=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000800)=0xe8)

10:00:44 executing program 5:
socket$inet6(0xa, 0x805, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000100)=0xffffffff80000004)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000500)={0x6c07, 0x3, 0x3ff, 0x8000000005, 0x5})
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000040)=0x80)
flistxattr(r1, &(0x7f0000000400)=""/168, 0xffffffffffffffda)
prctl$PR_CAPBSET_READ(0x17, 0xd)
fremovexattr(r1, &(0x7f00000000c0)=@known='trusted.overlay.impure\x00')
unshare(0x40000000)
recvfrom$packet(r1, &(0x7f0000000740)=""/213, 0xd5, 0x40000040, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000009c0)={<r3=>0x0, r1, 0x0, 0x2, &(0x7f00000008c0)='%\x00'}, 0x201)
perf_event_open(&(0x7f0000000840)={0x2, 0x70, 0x8, 0x5, 0xf000000000000000, 0x9, 0x0, 0x7fff, 0x1002, 0x1, 0x6, 0xb5, 0x100000000, 0x5, 0x8001, 0xac4, 0xffffffff, 0x1, 0x5, 0x2, 0x6, 0x101, 0x0, 0xffffffff, 0x0, 0x101, 0x3, 0x31f3, 0x7fffffff, 0x40, 0x7, 0x2, 0x6, 0xff, 0x0, 0x9, 0x800, 0x5, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x3a81}, 0x0, 0x9, 0x10000, 0xf, 0xdc8, 0xd8b4}, r3, 0x1, r2, 0x2)
r4 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000580)='trusted.overlay.opaque\x00', &(0x7f0000000700)='y\x00', 0x2, 0x3)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = semget$private(0x0, 0x8, 0x4)
semctl$SEM_STAT(0x0, 0x2, 0x12, &(0x7f0000000300)=""/208)
semctl$GETPID(r5, 0x4, 0xb, &(0x7f0000000900)=""/20)
unshare(0x20000000)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffff8]})
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f00000001c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000004)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000640)={[0x3, 0xfffffffffffffff5, 0x0, 0xc4, 0x20, 0x5ffa, 0x3ff, 0x21a, 0x8, 0x8, 0x7f, 0x2, 0x10000, 0x8001, 0x0, 0x7], 0x15000, 0x10100})
ioctl$FS_IOC_GETVERSION(r4, 0x80087601, &(0x7f00000004c0))
futex(&(0x7f0000000540)=0x2, 0x83, 0x0, &(0x7f00000005c0), &(0x7f0000000600)=0x1, 0x2)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getdents64(r6, &(0x7f00000000c0)=""/11, 0xeb)

10:00:44 executing program 4:
pipe(&(0x7f0000000540)={<r0=>0xffffffffffffffff})
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
fcntl$getflags(r0, 0x408)
lsetxattr$security_smack_entry(0x0, 0x0, 0x0, 0x0, 0x0)

10:00:44 executing program 2:
request_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz'}, 0x0, 0xfffffffffffffffe)

10:00:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000002c0))
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000000)={[], 0x421})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0))

10:00:44 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, r1, 0x805, 0x0, 0x0, {{}, 0x0, 0x5, 0x0, {0x14}}}, 0x30}}, 0x0)

10:00:44 executing program 2:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x0})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
dup2(r1, r0)

10:00:44 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x1)

10:00:44 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5300fe01b2a4a280930a600000ffa84306910000003900070035000c00060000001900150005000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1}, 0x0)

[  295.780805] IPVS: ftp: loaded support on port[0] = 21
10:00:45 executing program 3:
clone(0x13102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, &(0x7f00000003c0), 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x1b)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x3e})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x0)

[  296.052351] IPv6: NLM_F_REPLACE set, but no existing node found!
[  296.158225] IPv6: NLM_F_REPLACE set, but no existing node found!
[  296.200442] ptrace attach of "/root/syz-executor3"[11256] was attempted by "/root/syz-executor3"[11257]
10:00:45 executing program 3:
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/attr/current\x00', 0x2, 0x0)
pipe(0x0)
rt_sigqueueinfo(r0, 0x26, &(0x7f0000000100))

[  296.486826] IPVS: ftp: loaded support on port[0] = 21
10:00:46 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5300fe01b2a4a280930a600000ffa84306910000003900070035000c00060000001900150005000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1}, 0x0)

10:00:46 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote}, 0x1b)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000180))
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

10:00:46 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)=0x2)

10:00:46 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="020af0030700000025bd700000000000050019000000000402004e0300000000000000000000000002004e217f0800010000000000000000"], 0x38}}, 0x0)

10:00:46 executing program 5:
socket$inet6(0xa, 0x805, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000100)=0xffffffff80000004)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000500)={0x6c07, 0x3, 0x3ff, 0x8000000005, 0x5})
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000040)=0x80)
flistxattr(r1, &(0x7f0000000400)=""/168, 0xffffffffffffffda)
prctl$PR_CAPBSET_READ(0x17, 0xd)
fremovexattr(r1, &(0x7f00000000c0)=@known='trusted.overlay.impure\x00')
unshare(0x40000000)
recvfrom$packet(r1, &(0x7f0000000740)=""/213, 0xd5, 0x40000040, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000009c0)={<r3=>0x0, r1, 0x0, 0x2, &(0x7f00000008c0)='%\x00'}, 0x201)
perf_event_open(&(0x7f0000000840)={0x2, 0x70, 0x8, 0x5, 0xf000000000000000, 0x9, 0x0, 0x7fff, 0x1002, 0x1, 0x6, 0xb5, 0x100000000, 0x5, 0x8001, 0xac4, 0xffffffff, 0x1, 0x5, 0x2, 0x6, 0x101, 0x0, 0xffffffff, 0x0, 0x101, 0x3, 0x31f3, 0x7fffffff, 0x40, 0x7, 0x2, 0x6, 0xff, 0x0, 0x9, 0x800, 0x5, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x3a81}, 0x0, 0x9, 0x10000, 0xf, 0xdc8, 0xd8b4}, r3, 0x1, r2, 0x2)
r4 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000580)='trusted.overlay.opaque\x00', &(0x7f0000000700)='y\x00', 0x2, 0x3)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = semget$private(0x0, 0x8, 0x4)
semctl$SEM_STAT(0x0, 0x2, 0x12, &(0x7f0000000300)=""/208)
semctl$GETPID(r5, 0x4, 0xb, &(0x7f0000000900)=""/20)
unshare(0x20000000)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffff8]})
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f00000001c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000004)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000640)={[0x3, 0xfffffffffffffff5, 0x0, 0xc4, 0x20, 0x5ffa, 0x3ff, 0x21a, 0x8, 0x8, 0x7f, 0x2, 0x10000, 0x8001, 0x0, 0x7], 0x15000, 0x10100})
ioctl$FS_IOC_GETVERSION(r4, 0x80087601, &(0x7f00000004c0))
futex(&(0x7f0000000540)=0x2, 0x83, 0x0, &(0x7f00000005c0), &(0x7f0000000600)=0x1, 0x2)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getdents64(r6, &(0x7f00000000c0)=""/11, 0xeb)

10:00:46 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={0x0, 0x0, 0x8}, 0x10)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="145f42000000c99f643e07ff000000000300de07060000000000008a30f543fc70db0f5c266b37ed98ede844c2"], 0x1}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000010000/0x1000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  297.054575] IPv6: NLM_F_REPLACE set, but no existing node found!
10:00:46 executing program 3:
socket$inet6(0xa, 0x805, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000100)=0xffffffff80000004)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000500)={0x6c07, 0x3, 0x3ff, 0x8000000005, 0x5})
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000040)=0x80)
flistxattr(r1, &(0x7f0000000400)=""/168, 0xffffffffffffffda)
prctl$PR_CAPBSET_READ(0x17, 0xd)
fremovexattr(r1, &(0x7f00000000c0)=@known='trusted.overlay.impure\x00')
unshare(0x40000000)
recvfrom$packet(r1, &(0x7f0000000740)=""/213, 0xd5, 0x40000040, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000009c0)={<r3=>0x0, r1, 0x0, 0x2, &(0x7f00000008c0)='%\x00'}, 0x201)
perf_event_open(&(0x7f0000000840)={0x2, 0x70, 0x8, 0x5, 0xf000000000000000, 0x9, 0x0, 0x7fff, 0x1002, 0x1, 0x6, 0xb5, 0x100000000, 0x5, 0x8001, 0xac4, 0xffffffff, 0x1, 0x5, 0x2, 0x6, 0x101, 0x0, 0xffffffff, 0x0, 0x101, 0x3, 0x31f3, 0x7fffffff, 0x40, 0x7, 0x2, 0x6, 0xff, 0x0, 0x9, 0x800, 0x5, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x3a81}, 0x0, 0x9, 0x10000, 0xf, 0xdc8, 0xd8b4}, r3, 0x1, r2, 0x2)
r4 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000580)='trusted.overlay.opaque\x00', &(0x7f0000000700)='y\x00', 0x2, 0x3)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = semget$private(0x0, 0x8, 0x4)
semctl$SEM_STAT(0x0, 0x2, 0x12, &(0x7f0000000300)=""/208)
semctl$GETPID(r5, 0x4, 0xb, &(0x7f0000000900)=""/20)
unshare(0x20000000)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffff8]})
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f00000001c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000004)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000640)={[0x3, 0xfffffffffffffff5, 0x0, 0xc4, 0x20, 0x5ffa, 0x3ff, 0x21a, 0x8, 0x8, 0x7f, 0x2, 0x10000, 0x8001, 0x0, 0x7], 0x15000, 0x10100})
ioctl$FS_IOC_GETVERSION(r4, 0x80087601, &(0x7f00000004c0))
futex(&(0x7f0000000540)=0x2, 0x83, 0x0, &(0x7f00000005c0), &(0x7f0000000600)=0x1, 0x2)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getdents64(r6, &(0x7f00000000c0)=""/11, 0xeb)

[  297.162656] IPVS: ftp: loaded support on port[0] = 21
10:00:46 executing program 0:
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net\x00\x00\x00\x00\x00\x00\x00\a/expire_nodest_conn\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

10:00:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x4, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  297.392853] IPVS: ftp: loaded support on port[0] = 21
10:00:46 executing program 0:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x50, 0x0, &(0x7f0000000400)=[@transaction={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @free_buffer], 0x0, 0x10000000, 0x0})

10:00:47 executing program 2:
r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x1000000105085)
io_setup(0x407, &(0x7f0000000380)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000017c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0xffffff47}])

[  298.066293] binder: 11312:11315 transaction failed 29189/-22, size 0-0 line 2834
10:00:47 executing program 1:
getpid()
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
clone(0x2e828903, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8000000000000014)
wait4(0x0, 0x0, 0x0, 0x0)

10:00:47 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f00000000c0)={0x0, <r2=>0x0})
ptrace$setopts(0x4206, r2, 0x0, 0x0)
ptrace(0x4207, r2)
ptrace$getregset(0x18, r2, 0x0, 0x0)

[  298.250288] binder: undelivered TRANSACTION_ERROR: 29189
[  298.413131] ptrace attach of "/root/syz-executor0"[6249] was attempted by "/root/syz-executor0"[11329]
10:00:47 executing program 4:
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00U'])

10:00:47 executing program 1:
openat$snapshot(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x4000, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r0)

10:00:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x34, 0x0, 0x0, 0x0, 0x0, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x2, 0x0, @udp='udp:syz0\x00'}}}}, 0x34}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:48 executing program 5:
openat$snapshot(0xffffffffffffff9c, 0x0, 0x220000, 0x0)
syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x40000000000201, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2020}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x4000, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r0)
openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0)

10:00:48 executing program 0:
openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x4000, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r0)
openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0)

10:00:48 executing program 4:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmmsg(r0, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
connect(r0, &(0x7f0000002000)=@ethernet, 0x10)
sendmsg$can_bcm(r0, &(0x7f00005e4000)={0x0, 0x0, &(0x7f0000728000)={&(0x7f00000001c0)={0x5, 0x8ff, 0x0, {0x0, 0x7530}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "260503dd3e3c0a6afe3f7b377378f2e013e66ff1bf538a0f1abc5b8beb605be3d9448c99787c873249ed9c34e040a29606427925d8dd9065c240a288783179ce"}}, 0x80}}, 0x0)

10:00:48 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file1\x00')

10:00:48 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10:00:48 executing program 3:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x44, 0x0, &(0x7f0000000400)=[@transaction={0x40046302, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x10000000, 0x0})

[  299.298161] binder: BC_ACQUIRE_RESULT not supported
[  299.303328] binder: 11358:11361 ioctl c0306201 20000180 returned -22
[  299.372027] *** Guest State ***
[  299.375490] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  299.384518] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  299.393451] CR3 = 0x0000000000000000
[  299.397203] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  299.403298] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  299.409308] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:48 executing program 3:
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002740)}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0xc0185879, 0x20000001)

10:00:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x20)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, "bbdbed656ac1fdef42687d46c6e3b022a6fa4f3ac484a2b44efe0d7bedcea6ce0c110a3235dc7caadc24279de6bd2c4c2509358a823335a7fce0db9dc5dd8829ae76e491ed00b825c89e019deddccfa5"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  299.416118] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  299.424216] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.432334] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.440382] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.448548] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.456666] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.464764] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  299.472859] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  299.480852] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  299.488909] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  299.497002] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  299.503539] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  299.511018] Interruptibility = 00000000  ActivityState = 00000000
[  299.517329] *** Host State ***
[  299.520556] RIP = 0xffffffff812b177c  RSP = 0xffff88811ba6f380
[  299.526660] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  299.533134] FSBase=00007fb777f10700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  299.540949] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  299.546980] CR0=0000000080050033 CR3=0000000115c7f000 CR4=00000000001426f0
[  299.554100] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  299.560772] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  299.566908] *** Control State ***
[  299.570394] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  299.577229] EntryControls=0000d1ff ExitControls=002fefff
[  299.582764] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  299.589734] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  299.596478] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  299.603176]         reason=80000021 qualification=0000000000000000
[  299.609522] IDTVectoring: info=00000000 errcode=00000000
[  299.615100] TSC Offset = 0xffffff5ba669a01d
[  299.619476] TPR Threshold = 0x00
[  299.622956] EPT pointer = 0x000000011c49601e
[  299.655332] *** Guest State ***
[  299.658726] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  299.667710] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  299.676629] CR3 = 0x0000000000000000
[  299.680370] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  299.686443] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  299.692501] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
10:00:48 executing program 0:
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file1\x00')

[  299.699206] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  299.707498] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.715599] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.723671] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.731764] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.739777] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.747842] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  299.755943] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  299.764020] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  299.772268] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  299.780285] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  299.786782] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  299.794320] Interruptibility = 00000000  ActivityState = 00000000
[  299.800576] *** Host State ***
[  299.803838] RIP = 0xffffffff812b177c  RSP = 0xffff88811ba6f380
[  299.809833] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  299.816321] FSBase=00007fb777f10700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  299.824249] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  299.830185] CR0=0000000080050033 CR3=0000000115c7f000 CR4=00000000001426f0
[  299.837318] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ac015f0
[  299.844109] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  299.850195] *** Control State ***
10:00:48 executing program 3:
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00')

[  299.853785] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  299.860605] EntryControls=0000d1ff ExitControls=002fefff
[  299.866216] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  299.873235] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  299.879946] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  299.886618]         reason=80000021 qualification=0000000000000000
[  299.893018] IDTVectoring: info=00000000 errcode=00000000
[  299.898605] TSC Offset = 0xffffff5b7cb9de52
[  299.903282] TPR Threshold = 0x00
10:00:49 executing program 2:
seccomp(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0xffffff7f7ffffffe}]})
sched_yield()

[  299.904725] *** Guest State ***
[  299.906670] EPT pointer = 0x000000011916e01e
[  299.914583] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  299.923568] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  299.932498] CR3 = 0x0000000000000000
[  299.936237] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  299.942427] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  299.948560] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  299.955542] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  299.963575] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.971573] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.979651] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.987812] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  299.995870] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  300.003931] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  300.011990] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  300.019996] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  300.028097] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  300.036140] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  300.042650] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  300.050128] Interruptibility = 00000000  ActivityState = 00000000
[  300.056475] *** Host State ***
[  300.059699] RIP = 0xffffffff812b177c  RSP = 0xffff88811ba2f380
[  300.065785] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  300.072624] FSBase=00007f324d78d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  300.080466] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  300.086442] CR0=0000000080050033 CR3=00000001183fd000 CR4=00000000001426e0
[  300.093516] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ac015f0
[  300.100194] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  300.106444] *** Control State ***
[  300.109921] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  300.116675] EntryControls=0000d1ff ExitControls=002fefff
[  300.122213] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  300.129159] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  300.135917] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  300.142581]         reason=80000021 qualification=0000000000000000
[  300.148901] IDTVectoring: info=00000000 errcode=00000000
[  300.154461] TSC Offset = 0xffffff5b5ab3bf81
[  300.158805] TPR Threshold = 0x08
[  300.162300] EPT pointer = 0x0000000116b4101e
10:00:49 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000140)=ANY=[@ANYBLOB="ff020000000000000000000000000001000000003200000000000000000000000000ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000004c001200526663343130362867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000"], 0x1}}, 0x0)

10:00:49 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000001, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x5)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000140)={'bridge0\x00\x00\x00\x00\x80\x00', &(0x7f0000000240)=@ethtool_cmd={0x12, 0x0, 0x709000, 0x0, 0x0, 0x0, 0x2}})

10:00:49 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x5002})
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
dup2(r1, r0)
pipe(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f00000001c0), 0x100000005)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

10:00:49 executing program 4:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhci\x00', 0x0, 0x0)
fremovexattr(r0, &(0x7f0000000180)=ANY=[])

10:00:49 executing program 1:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$mice(&(0x7f0000002f80)='/dev/input/mice\x00', 0x0, 0x0)

10:00:49 executing program 5:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x7003)

10:00:49 executing program 3:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}, {0x0}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:49 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
dup(0xffffffffffffffff)
eventfd2(0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
clone(0x2102001ff4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(&(0x7f0000000040)=@nullb='%d::]:0.,[:\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0)

[  300.722618] libceph: parse_ips bad ip '%d::]:0.,['
[  300.749791] libceph: parse_ips bad ip '%d::]:0.,['
10:00:49 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca)
unlink(&(0x7f0000000100)='./file0\x00')
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
unshare(0x400)
syncfs(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0x1, 0x2, 0x6d, 0x20000000000001, 0x0, 0x0}, 0xbe)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', r1}, 0x10)

10:00:49 executing program 4:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}], 0x1}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:49 executing program 2:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$video(&(0x7f0000000180)='/dev/video#\x00', 0x0, 0x4000)

10:00:50 executing program 1:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getrusage(0x0, &(0x7f0000000000))

[  300.946471] picdev_read: 819 callbacks suppressed
[  300.946561] kvm: pic: non byte read
[  300.972407] kvm: pic: non byte read
[  300.980680] kvm: pic: non byte read
[  301.025863] kvm: pic: non byte read
[  301.040611] kvm: pic: non byte read
[  301.061073] kvm: pic: non byte read
[  301.081379] kvm: pic: non byte read
10:00:50 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:50 executing program 2:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x0)

[  301.102075] kvm: pic: non byte read
[  301.112730] kvm: pic: non byte read
[  301.116639] kvm: pic: non byte read
10:00:50 executing program 2:
r0 = perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f0000000700)=[{&(0x7f0000000040)=""/46, 0x2e}, {0x0}], 0x2)

10:00:50 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:50 executing program 0:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000240)={{{@in6, @in6=@loopback}, {0x0, 0x0, 0x0, 0x101}}, {{}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x8001}}, 0xe8)

10:00:50 executing program 4:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0))
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000280)=0x3fffffff)

[  301.527838] kvm [11410]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000014 data 0x0
[  301.538538] kvm [11410]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000000a data 0x0
10:00:50 executing program 3:
perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x910, 0x0, 0x0, 0x0, 0x0, 0xb5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_tables_targets\x00')
lseek(r1, 0x0, 0x0)

10:00:50 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x1, &(0x7f000039a000)=[{}]}, 0x10)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
r2 = dup(r1)
ioctl$TIOCCONS(r2, 0x541d)
setsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TIOCLINUX3(0xffffffffffffffff, 0x541c, 0x0)
setsockopt$inet6_int(r2, 0x29, 0xb, &(0x7f0000000280)=0x2, 0x4)
pause()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x19, 0x0, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
mlock2(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
r4 = fcntl$getown(r0, 0x9)
ioprio_get$pid(0x7, r4)
pread64(r2, &(0x7f00000002c0)=""/4096, 0x1000, 0x0)
getresgid(&(0x7f00000001c0), &(0x7f00000013c0), &(0x7f0000000240))
getresuid(&(0x7f0000001540), &(0x7f0000001500), &(0x7f0000000200))
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a3)
ftruncate(r3, 0x7fff)
sendfile(r2, r3, 0x0, 0x8000fffffffe)

10:00:51 executing program 5:
clone(0x13102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x37)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x4, 0xff})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
pipe(&(0x7f0000000000))
ptrace$cont(0x1f, r0, 0x0, 0x0)

10:00:51 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

10:00:51 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:51 executing program 0:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0))
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000280)=0x7fffffff)

10:00:51 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
unshare(0x8000400)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r1, 0x8910, &(0x7f0000000700)={'veth0\x00', @ifru_ivalue=0x1})

[  302.077128] binder: 11488:11489 transaction failed 29189/-22, size 0-0 line 2834
[  302.131567] binder: 11488:11489 transaction failed 29189/-22, size 0-0 line 2834
[  302.169496] binder: undelivered TRANSACTION_ERROR: 29189
10:00:51 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

[  302.176753] binder: undelivered TRANSACTION_ERROR: 29189
10:00:51 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x3)
r1 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
write$sndseq(r1, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x30)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")

10:00:51 executing program 5:
r0 = socket$inet6(0xa, 0x80002, 0x100000000000088)
bind$inet6(r0, &(0x7f0000d85fe4)={0xa, 0x4e23}, 0x1c)
r1 = socket$inet6(0xa, 0x802, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0x100000000a, &(0x7f0000000480)=0x9, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x8800, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
sendto$inet6(r1, &(0x7f0000000d40)="ddd9", 0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, 0x0)

10:00:51 executing program 3:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
dup2(r1, r0)
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0xfffffffe, @tick, {}, {}, @addr}], 0x30)

10:00:51 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000000c0)=0x1, 0x4)
r1 = socket$inet6(0xa, 0x4, 0xf)
recvmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/18, 0x12}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x10000000004e21}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='clear_refs\x00')
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r4 = open$dir(&(0x7f0000000000)='./file0\x00', 0x105000, 0x0)
write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
fstat(0xffffffffffffffff, 0x0)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380))
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000640)=0xc)
fstat(r2, &(0x7f0000000680))
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000700)={{{@in6=@local, @in=@empty}}, {{@in=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000800)=0xe8)
getresgid(&(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0))
lstat(&(0x7f0000000900)='./file1\x00', &(0x7f0000000940))
sendfile(r3, r4, 0x0, 0x10000)
r5 = open(&(0x7f0000000180)='./file0\x00', 0x8000000000141042, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r3, 0xc06855c8, &(0x7f00000002c0)={0x0, 0x0, {0x0, 0x0, 0xfa5, {0x5, 0x400}, {0x7, 0x2}, @const={0xfffffffffffffffb, {0x9, 0x0, 0x1}}}, {0x57, 0x0, 0x5, {0x0, 0x400}, {0xfffffffffffff801, 0x8}, @ramp={0x0, 0x0, {0x803, 0x0, 0x7fff, 0x20}}}})
ioctl$TCSBRK(r5, 0x5409, 0x0)
sendfile(r5, r5, 0x0, 0xa198)
recvmsg(r0, &(0x7f0000000400)={&(0x7f00000001c0)=@nl=@proc, 0x80, 0x0}, 0x2000)

10:00:51 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/115, 0x2bd)

10:00:51 executing program 2:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r2, 0xc0bc5310, &(0x7f00000000c0))

10:00:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20)
r1 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0a5c2d023c126285718070")
r2 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000580)=ANY=[@ANYPTR, @ANYPTR64], 0xffffff1e)
r3 = fcntl$dupfd(r2, 0x0, r1)
write$P9_RMKNOD(r3, 0x0, 0x0)

10:00:51 executing program 1:
socket$inet6(0xa, 0x3, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:51 executing program 0:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x3, 0x0, &(0x7f00000003c0))

10:00:51 executing program 5:
r0 = socket$inet6(0xa, 0x803, 0x3)
r1 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, 0x0)
write$sndseq(r1, &(0x7f0000042f70)=[{0x0, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")

10:00:51 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x44000)
io_setup(0x400000000000103, &(0x7f0000000000)=<r2=>0x0)
truncate(&(0x7f0000000080)='./bus\x00', 0xda)
io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}])
io_submit(r2, 0x1, &(0x7f00000019c0)=[&(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x0, 0x1}])

10:00:52 executing program 0:
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)

10:00:52 executing program 1:
socket$inet6(0xa, 0x3, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:52 executing program 4:

10:00:52 executing program 0:
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)

10:00:52 executing program 2:

10:00:52 executing program 3:

10:00:52 executing program 1:
socket$inet6(0xa, 0x3, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:52 executing program 0:

10:00:52 executing program 4:

10:00:52 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000331000)={0x1, 0x8, 0x7, 0x9, 0x0, 0x1}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f00000000c0)="d0", 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, &(0x7f0000000180), 0x0}, 0x18)

10:00:52 executing program 5:

10:00:52 executing program 3:

10:00:52 executing program 4:

10:00:52 executing program 1:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:52 executing program 0:

10:00:52 executing program 2:

10:00:52 executing program 3:

10:00:52 executing program 5:

10:00:52 executing program 4:

10:00:52 executing program 1:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:52 executing program 0:

10:00:53 executing program 2:

10:00:53 executing program 3:

10:00:53 executing program 1:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:53 executing program 5:

10:00:53 executing program 4:
r0 = socket(0x200000000000011, 0x3, 0x0)
io_setup(0x4, &(0x7f0000000140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000004c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000240)="00a11550862e62", 0x7}])

10:00:53 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @loopback}, 0x10)

10:00:53 executing program 5:
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
pipe(&(0x7f0000000480))
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000006c0)={0x6, &(0x7f0000000640)=[{}, {}, {}, {}, {}, {}]})
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40000000000003b, &(0x7f0000000000)=@dstopts, 0x8)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x26)
sendmmsg(r0, &(0x7f0000005fc0), 0x8000000000000fc, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x8, 0x4e}, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000002c0), 0x0)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @broadcast}, 0x4, 0x4}}, 0x2e)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000002ff0), 0x10)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))

10:00:53 executing program 2:
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f00000001c0)='/dev/usbmon#\x00')
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
pipe(&(0x7f0000000480))
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000006c0)={0x5, &(0x7f0000000640)=[{}, {}, {}, {}, {}]})
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40000000000003b, &(0x7f0000000000)=@dstopts, 0x8)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x26)
sendmmsg(r0, &(0x7f0000005fc0), 0x8000000000000fc, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000380), 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000002c0), 0x0)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @broadcast}, 0x4, 0x4}}, 0x2e)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000002ff0), 0x10)

10:00:53 executing program 3:

10:00:53 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:53 executing program 0:

10:00:53 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000007c0), 0x4)
bind$inet(r0, &(0x7f0000000840)={0x2, 0x4e20, @loopback}, 0x10)

10:00:53 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
ioctl(r0, 0x3000008912, &(0x7f0000000080)="0a5c2d0329127c85718070")
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:53 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:53 executing program 0:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x8992, &(0x7f0000000080)={'ip6gre0\x00', @ifru_data=0x0})

[  304.774075] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
10:00:53 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000007c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000840)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000e40)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b6a10c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd3781dd4d4e609c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f732569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed06a96b23834b6f6ca6b8113baf4cf30347fab7ffc30aea99872cc0dba03b0756347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef443394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a18de80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d5683ee4ad5ded9a34c00ac1b03f34627ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508761b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f545c1372361770bf5a9098a9fafefaf546426b294239ac33e3186e4d58ad2fa995a6ad4dc07317c4b198c05e7d1190c0416d102bcfc26ca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8c37b49ba1e102cd91a187d444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a6b03fbe9c0ec6830c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda477836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b55548b845cc3de2f939ef918421af9a5e91592d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f2000000000000000000000000000000000000000f3978", 0x481, 0x0, 0x0, 0x0)

10:00:53 executing program 5:
r0 = memfd_create(&(0x7f0000000200)='\x00\x00\x00,*3U\xbd\xdd\xf0\r\r\xc1\xecB\x85\x00\x00\x003\xd2fF!\x87\"\'\v\xde\xc4\xba\xf4\b\x11\xd8+\x9a\x8c\xe2\x91yf9\xbc\x10i\xc0\xea+B@\xad\x9c\xcb\xdf\xb9\x02\x97\x9d\xe3hS\x8aq\xb1V\xa6\xe9\'\xd5\x8c\x18\xc2\xd1\xcfR\xe1_\xeceDzb\xccB:\xf7\n\xc3\x13\xfa\xa9\x06pi\xf1\x92\xed\xf9\xb9\xbbVa\xa5\xac\x88C\xc6D\xc5\xca\x82\x14\xb5\x9b\x01\x1f\x88\xbdT\x87\xec:w\xa3', 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000003})
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2, 0x11, r0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mincore(&(0x7f0000006000/0x2000)=nil, 0x2000, &(0x7f00000000c0)=""/15)

10:00:54 executing program 0:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x400000002, 0x0)
write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="0e31ad4a3476850e4b842fae7a829010dfbf8937a192953b6027"], 0x1)

10:00:54 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:54 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @loopback}, 0x10)

10:00:54 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0x1fffff, 0x1000004, 0x8031, 0xffffffffffffffff, 0x0)

10:00:54 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000280)=0xff, 0x4)
sendmmsg(r0, &(0x7f00000002c0), 0x4000000000000ce, 0x0)
setsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0x0, 0x0, 0x2ce)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
pipe2(0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0)
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, 0x0)
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

10:00:54 executing program 0:
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', @ifru_data=&(0x7f0000000040)="75c263b6536442e26fa28ebb9b09acbb07b67d99463931d6ae20d72009ad5689"})

10:00:54 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:54 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:54 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x803, 0x3)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$RTC_WKALM_RD(r0, 0x80247009, &(0x7f0000000040))

10:00:54 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

[  305.857716] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
10:00:55 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:00:55 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{&(0x7f00000002c0)=@in={0x2, 0x4e21, @broadcast}, 0x80, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1000000000000000020000003d0000000000010000000000000000000020dddaf5274020"], 0x24}}], 0x1, 0x0)
sendmmsg(r0, &(0x7f0000000440), 0x400000000000211, 0x810)

10:00:55 executing program 4:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:55 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000002000)={0x0, 0x0, 0x2080})

10:00:55 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:55 executing program 4:
mkdir(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
name_to_handle_at(r0, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000240)={0xc, 0x0, "726864a1"}, 0x0, 0x0)

10:00:55 executing program 5:
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x100000fffffffe)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
pipe(&(0x7f0000000480))
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000006c0)={0x8, &(0x7f0000000640)=[{}, {}, {}, {}, {}, {}, {}, {}]})
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/ppp\x00', 0x0, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x26)
sendmmsg(r0, &(0x7f0000005fc0), 0x8000000000000fc, 0x0)

10:00:55 executing program 1:
socket$inet6(0xa, 0x3, 0x3)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000002000)={0x0, 0x0, 0x2080})

10:00:55 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:55 executing program 4:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x101001)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x1e, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd)

10:00:55 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:00:55 executing program 1:
socket$inet6(0xa, 0x3, 0x3)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

10:00:55 executing program 2:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}, {0x0}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:56 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:56 executing program 1:
socket$inet6(0xa, 0x3, 0x3)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/115, 0x2bd)

[  307.207643] picdev_read: 290 callbacks suppressed
[  307.207659] kvm: pic: non byte read
[  307.217823] kvm: pic: non byte read
[  307.231143] kvm: pic: non byte read
[  307.235377] kvm: pic: non byte read
[  307.239468] kvm: pic: non byte read
[  307.244682] kvm: pic: non byte read
[  307.248885] kvm: pic: non byte read
[  307.253579] kvm: pic: non byte read
10:00:56 executing program 4:
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)=ANY=[], 0xffffff3e)
fallocate(r2, 0x10, 0x0, 0xcd55)
close(r2)

[  307.257631] kvm: pic: non byte read
[  307.262412] kvm: pic: non byte read
10:00:56 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x0, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:56 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:56 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:56 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:56 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x0, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:56 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:56 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:00:56 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x0, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:57 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:57 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x2102001ff4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1)

10:00:57 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:57 executing program 4:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x2, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:57 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:57 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:57 executing program 2:
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, 0x0)
clone(0x20002104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000180)="ab", 0x1, r0)
keyctl$chown(0x4, r0, 0x0, 0x0)

10:00:57 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:57 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:57 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:57 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:57 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:00:57 executing program 4:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}], 0x1}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000200), 0x38c, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:57 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000100)={r0})

10:00:57 executing program 5:
write$smack_current(0xffffffffffffffff, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:57 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:57 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0))
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:57 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0))
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:57 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, 0x0, 0x4000000002, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:57 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:58 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:58 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0))
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:58 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:58 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:00:58 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0)
write$smack_current(r0, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:58 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:58 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c12")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:58 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:58 executing program 4:
unshare(0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:58 executing program 5:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
write$smack_current(0xffffffffffffffff, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x20000320)

10:00:58 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:58 executing program 4:
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000440)={0x0, 0x0, 0x1}, 0x14)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='veno\x00', 0x5)
sendto$inet6(r1, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000340), 0x0}}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000040000))
tkill(r2, 0x401104000000016)

10:00:58 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c12")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:58 executing program 0:
bind$inet(0xffffffffffffffff, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000100)={0xffffffffffffffff, r0})

10:00:58 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
write$smack_current(r0, 0x0, 0x0)

10:00:59 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:00:59 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c12")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:59 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:59 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
write$smack_current(r0, 0x0, 0x0)

10:00:59 executing program 4:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000880)="eb4727cb7a9372b22db41cc2692b638d08c0d8de44412f1c6a0f082fb1b04033bf150fa8a5acdfdfa135f3cecd2627466c469251446c162ab05f538a4de306adb2d317bd3a52e4305ce9b424", 0x4c}], 0x1}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10:00:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:59 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000000002, 0x0)
write$smack_current(r0, 0x0, 0x0)

10:00:59 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c12628571")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:00:59 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:00:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:00:59 executing program 4:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000080))

10:00:59 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c12628571")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:01:00 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:00 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/tcp6\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x0)

10:01:00 executing program 2:
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000080)=[{0x5, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:00 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3b7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0xc008240a, 0x70effb)

10:01:00 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c12628571")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:01:00 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:00 executing program 4:
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getresgid(0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$media(0x0, 0x0, 0x0)
capset(0x0, 0x0)
clone(0x20002104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000180)="ab", 0x1, r0)
keyctl$chown(0x4, r0, 0x0, 0x0)
pivot_root(0x0, 0x0)

10:01:00 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c1262857180")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:01:00 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, 0x0, 0x0)

10:01:00 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

[  311.588268] encrypted_key: insufficient parameters specified
10:01:00 executing program 5:
mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0)
clone(0x20002104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000180)="ab", 0x1, r0)
keyctl$chown(0x4, r0, 0x0, 0x0)

10:01:00 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c1262857180")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:01:01 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:01 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, 0x0, 0x0)

10:01:01 executing program 4:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x8, r1, 0x0, 0x0)

10:01:01 executing program 5:
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)={0x5c, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x40, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'nr0\x00'}]}]}, 0x5c}}, 0x0)
write$evdev(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a)

10:01:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:01 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c1262857180")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:01:01 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:01 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, 0x0)
getdents64(r1, &(0x7f0000000080)=""/115, 0x2bd)

10:01:01 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, 0x0, 0x0)

10:01:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000), 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:01 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = getpid()
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:01 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000002300)=""/4096)

10:01:01 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080), 0x0)

10:01:01 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/115, 0x2bd)

10:01:02 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
r1 = getgid()
setregid(r1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000380))
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100))
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x1, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x800, 0x40)
preadv(r3, &(0x7f0000000480), 0x1000000000000181, 0x0)
socket$key(0xf, 0x3, 0x2)

10:01:02 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f00000000c0))
ptrace(0x10, 0x0)
ptrace$getsig(0x4203, 0x0, 0x0, 0x0)

10:01:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:02 executing program 5:
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000180)={{0x2, 0x0, @broadcast}, {0x0, @remote}, 0x0, {}, 'ip4gre0\x00\x00\x00\x00\a\x00'})
mremap(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)

10:01:02 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x3)
ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0a5c2d023c126285718070")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents64(r1, 0x0, 0x0)

10:01:02 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080), 0x0)

10:01:02 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f00000000c0))
ptrace(0x10, 0x0)
ptrace$getsig(0x4203, 0x0, 0x0, 0x0)

10:01:02 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080), 0x0)

10:01:02 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f00000002c0)=[{{0x77359400}}, {{0x0, 0x7530}}], 0x30)

10:01:02 executing program 1:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
r1 = getgid()
setregid(r1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000380))
lstat(&(0x7f0000000040)='./file0\x00', 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x1, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x800, 0x0)
preadv(r3, &(0x7f0000000480), 0x1000000000000181, 0x0)
socket$key(0xf, 0x3, 0x2)

10:01:02 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f00000000c0))
ptrace(0x10, 0x0)
ptrace$getsig(0x4203, 0x0, 0x0, 0x0)

10:01:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:02 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
r1 = getgid()
setregid(r1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000380))
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100))
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x1, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x800, 0x0)
preadv(r3, &(0x7f0000000480), 0x1000000000000181, 0x0)
socket$key(0xf, 0x3, 0x2)

10:01:02 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:02 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x0, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:02 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@local, 0x4d6, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)
sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x0)

10:01:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:02 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_open_procfs(0x0, &(0x7f0000000200)='cwd/.\x00\x00\x00\xd8s\x11Z\xb9\x8f\'PO\xf8\x8bZY\x86W\xb63K\x88\x16\xac\xeb\xdf\xf1\x90\x06E\xe0)@\x05A\a\xcb\"\x89t\xd5L)\x82\xdd*8\x02\xb0D\x9do\x05\x1a\xc1\"\x05\x00G|\x83M\x8e<\xb8\xed;F\xaf\x12\xe4RK\x87G\xda\xf1\xdf\xf5\x19j\x13~9\x8bF\t\f0\xd0R\xea\x98\xb8\b$\xdf\xf5\xd6j!.\xa1\xc9\xa3\x1c\xe9\xf16\'$\x89F\xb0\x11\x0e\xa3\xddNg\xac*SV\x1c\xc2AJ\x9d\xdb1\b\xae')

10:01:02 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x0, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:02 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:02 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d03010000000000950000000000000071260000000000006706000002000000bf25000000000000720500000ef1ffff3c65000000000000bf540000000000000704000004faff003d4301000000000095000000000000007d46000000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf02000000000000070500000e0000001f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], 0x0}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0x0, &(0x7f00000001c0)="060020f583435b7e8ab13407007d", 0x0, 0x200}, 0x28)

10:01:02 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000380))
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100))
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x0, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
preadv(r2, &(0x7f0000000480), 0x1000000000000181, 0x0)
socket$key(0xf, 0x3, 0x2)

10:01:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:02 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x0, 0xfdffffff, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:03 executing program 4:
syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x4840)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

10:01:03 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f00000000c0))
ptrace(0x10, r1)
ptrace$getsig(0x4203, r1, 0x0, 0x0)

10:01:03 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)

10:01:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x0, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:03 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:03 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0))
ptrace(0x10, r0)
ptrace$getsig(0x4203, r0, 0x0, 0x0)

10:01:03 executing program 1:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
getgid()
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000380))
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100))
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x1, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
preadv(r2, &(0x7f0000000480), 0x1000000000000181, 0x0)
socket$key(0xf, 0x3, 0x2)

10:01:03 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
r1 = getgid()
setregid(r1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000380))
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100))
arch_prctl$ARCH_SET_CPUID(0x1012, 0x2)
fstat(r0, &(0x7f0000000240))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f00000002c0)={0x45, 0x0, 0x5, 0x81, 0x4, 0x8, 0x1, 0x100, 0x4, 0xfffffffffffffffe, 0x5, 0x20})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x800, 0x0)
preadv(r3, &(0x7f0000000480), 0x1000000000000181, 0x0)

10:01:03 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getgid()
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x100000b5, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
preadv(r0, &(0x7f0000000480), 0x1000000000000181, 0x0)

10:01:03 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:03 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f0000000080)=[{0x5, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x1c)

10:01:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:03 executing program 4:
syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x50, 0x0, &(0x7f0000000240)=[@exit_looper, @transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4}}], 0x1, 0x0, &(0x7f0000000300)="06"})

10:01:03 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
write$evdev(r0, &(0x7f00000000c0)=[{{0x0, 0x2710}, 0x11, 0xcd}], 0x18)

10:01:03 executing program 5:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x2d, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="006340400000000000000000000000000000000000000000000000000000000000000000000000000000000004"], 0x0, 0x10000000, 0x0})

10:01:03 executing program 1:
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x2d, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="006340400000000000000000000000000000000000000000000000000000000000000000000000000000000004"], 0x0, 0x10000000, 0x0})

[  314.771756] binder: 12214:12219 transaction failed 29189/-22, size 0-0 line 2834
[  314.798283] binder: 12220:12225 transaction failed 29189/-22, size 0-4 line 2834
[  314.800520] binder: 12222:12224 transaction failed 29189/-22, size 0-4 line 2834
[  314.827747] binder: undelivered TRANSACTION_ERROR: 29189
[  314.917202] binder: undelivered TRANSACTION_ERROR: 29189
10:01:04 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0))
ptrace(0x10, r0)
ptrace$getsig(0x4203, r0, 0x0, 0x0)

10:01:04 executing program 4:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pipe(0x0)
recvfrom$packet(0xffffffffffffffff, &(0x7f00000000c0)=""/203, 0xcb, 0x40000000, 0x0, 0x0)
r1 = getpgrp(0xffffffffffffffff)
sched_getparam(r1, &(0x7f0000000440))
write(0xffffffffffffffff, 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f0000000200)=""/250, 0xfffffe24)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=<r2=>0x0)
sched_getparam(r2, &(0x7f0000000400))
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000000040)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b0798818c", 0x4d}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000001b40)=[{{0x0, 0x118, &(0x7f0000000240), 0x0, 0x0, 0x26085d6cce6967cc}}], 0x4000056, 0x3a, &(0x7f0000000200)={0x77359400})

10:01:04 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket(0x0, 0x0, 0x0)
r1 = getpid()
rt_sigqueueinfo(r1, 0x3a, 0x0)
r2 = socket(0x11, 0x800000003, 0x600081)
bind(r2, &(0x7f00005a2000)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r3 = dup2(r2, r2)
write$tun(r3, &(0x7f00000000c0)={@void, @val, @ipx={0xffff, 0xfe6, 0x0, 0x0, {@random=0x88caffff, @broadcast}, {@random, @random="d7b52e2ab5df"}, "426553b20d6872e0136e4d234b5784b2fef47303cde767ee3794b9c247b320fdafb45c2ba40513010f7f854faa2d428330164a5f338c264bf64947a6f6290300a41250d22c122147872cd04910dab17cac5b4e23d3148cce900f9466e21bdc4ea20c0b6f74d2de714f8239610651766839f0bbd80d5f8e3c0932a71c48b2d5f05e4548f2af5248a58aa4a025ed8ff8845943218b706b0482b7f94904755a327bf892f46cde662d239ca138edccff581f589a2e77ac63c1e64e5c46108e2154a34793d3f17ae3bd7daab02febd7149c62bd7f7843a2984fe646981e7108b00d9a1f110746184531fd93b73ce960cb2a8149d4c6492590dac1cf17ce8f7815fa529b4dc10cd5d1b9f06621e1ffd2b3610791daf5a95951aee02a3c5502b9c8f3e865ca4dd91e736307f3efb77fbb656b47a4e9263de2d042bbc2b0643ab3b3256030da9f1ae5f5bac15a669d6886ebf520c96f8f4b36a840ab8da7eeec0e1d1a7eea67b09b6f176ba8cf23292dab452927348865e1a47668002c27cfaf3d9adc80fc1568bf0b7bdde34e6e738c0000d87e368e10cee479a2b2968c1d880adb3202c63dcbb90431e2c31716a58824653d79ad9135bd16afa8793195996e82456c76b14cc690f04f05c0402343fac765fb0335c36e0dd26d7f73eb0fa2ed9b7fcf85459898c33b063b56f2520f3309ec7288fc40ae7fa36d985f90f5924f94eea72a68092cd61901f3f9eab33728d9e7980d5787f6da2c76f6db1bdce52fe0d7bf21705ce830c72480a50550da1206edbe80d13c6f9dc5587422ff7077193a694a0e26661fc62e1fbc0afa9e4128c554bc5fef0fb977d013206fa062c34ae59a6737861c229db4a889531adbcb3a4392cf19725e6b7d83d606a33c88e670e0cc42d9dc90b30ae6b878777fb1767add7f1e0d9746759c4c32c7d42d95146ab604017d9187613ce105c12adf67d62d62bb57df5d14609fce910073d3ac7d87a401b4e086b800aa90f521f7fb6af69fbff9ada5666d24d4ef7e8b0ef3e7408cad9d555a497db61e5f1a120a178c34907c930329c96724082e3f89f24f3c57848d3c686a1bf0ac8ce6d0913501c9e35f4eed0d00c49681d93adbe7425530c3c5492e8ae0a12b7971beeaf4a08b4bc8bd447d3a7da0e9a08ac9170bc63e23c1e2c31387dd92d98287e2f65608d93c5ad8e565eb93e2edaf455709e18c21c92eba3dbfa757acb11b8f4889048790816196fd47a2f8127cc67bee6389b48f6fdd8402377b35e3c03889f1e6def993f308a1d54c14e7c302ce96db29733b28e4eb2a2e02e04ee737615a9206f4213acafe9b55ab24caec20d397e421b14ed1cd54e44a7d3a42460eb0cfb73a39cf96fcd929ccce28e868ec99a421f9f54d1ecb1a343a9c7aa9bbcf2c304fcd62da7d6774418c861b8ce9594c9a9802cca99635143e6bae96c9669520283a1103a009f4c47beacbb515fb51aec33c8e49c2ca9a3766a4bb63bf4c8b2771283f9c2866992b8a2b4532bfa410384bde3d5de0b02d38633d13037f1538acdb91046dfe194d57cbcf359b831d405826f57a55e6fd6b8beec78c8f539d0fc3c9464a02cb3f59f107a2d5cdfedfa38c48063f64206376b1426dbd681355faad8da06f098e046982e372c0b84c71525dfde26608de6a0b0c430a1f5b3a4de2c9fdb698346eda6a0cb17eea62cf5ea1ae326eb2759483fe14e335bce3abe60ebd883f6d74cb299c0798761a96ada0b28c33a6bddd75587c6dbaf50fa704791cf6805d9a7175ff9545f7b458aa12f0306c786316a18f6f91d12a468d03ad134a952da05a2cac106c6376fac38ef4dec635efb93a84d64d867c697d9eab3ccdfcfc3eb85d86452dc13af7605161ca2c715f17f0b44e8f0fa725d92880a07b3d5a2f9866f148756de4beb5f7413ccce63a41da1a1af7bc3a70d2e50737a0b773c9cd3ff686af57b0e1cbdadbd48d54ea1ee8fda52e8d58fc031f3b362cb66f2959144a32fae0f06b2b34f5bfa83a09fcf68576a4ac3647b2c54c45f6f99e4b26f4da40f3396ee21ac5e3f1a8f6b33d27fc2820069724563708254a7025420f807930f7bb73390616e594112bd7b5f627ad8aacebc821033b07210acff24f796dd83c7d1985b77168601e430609f66a0748b3d2a9d1d59959ebbf74fa94a7914a528bfe7f5738dc596d2d26d66a57f0cde6e2794e51a8fe796451aef43505d4028e96ec29f20a1bd226af4837a687132867a11e37adaba51047f57594dbfb1d9a59a2afe5528ecbf684e8b15f440c89d489f5c79b339adeaa812329638e0ba36207627bec1ebb00b1ffecbcb0bd4d9c08228c09ce40497af2e7476f953f93d9df1290113d4156f3f2288e4a8168ec5a7f62a4f38890db901ea48f7109c2275042a8d1167b12ab4f9509911b7b927cbb8b7f1ad0bb49206b4ea5b3ab7e374a514debc66e6b096364af2910c71f3e2422b20cc2363620939d7dc72702ce94ea0bf1d43a2b1cf556266dbeea93cb883fc1cccbd51fe32264227c75a328636144434dd045696add3fb004669c3e5e5d630533f884fab1f4ebbbda6d5162e3ba163eff8b6f21e7c21dd29b81fdc8c88ae2a6878ec13daa0768629840e1a558deab01301ee7feb8a822aa3a563faace3eedec4d06d105c686e1fe5dc7af2e3e62f120d469b69521c7dfaa4b0df81eedf282e96997f61cb571f408872d68695b5bf91a98056045665486763b2cdfa7c0f70ac04a3e2981c58bd1659b1701b6cb21e329b4aefa0ae4d0054875dc5987b2468f0e8a8383ec3172cee5bf67ee98531b4af08558be11576ba0d04c197f8f7f0b8b357036e96b9cf8625f67cf6446f3d6ad4e7bc657f5311711ffc9b1bce7aa099de701764adfd7523d09ecba04e18c69d365b5a70bc95852057ee760664b1f179f6b4075f04b008f3477b929b00d64a16ce47f63f0406debfb02a06f7f7d3a98b03deb89385bea09c659dabd8cccba18044f7fc40cdbc26278d1c2b683e7af4e49b249e3f190cf8e427c96faca3a3e75d0383ed905505dfe633b6c8aee86999552bf07b6e305e6cac6590f9cbbec53f2c68477ff84200fbf8dc72f37769f10e26f21823a2398f211fa96be31a17482bc14a419ecee0ed35356c7ea84c860fad8abb8b2aa76953e7eafafca9906bd15bee9f115edff6f0aec737fe5ab239f55a0b8521212628d52a0e592b8948815cf13e56b47014826adf2ec5487f619e6afe0302db020badf850ca72fa35922c5aad259df8fd38dc6f182a1d2127dd57f7409245fe4cf77c71278be53249b0be5836968ed5607e45b5563f3e4a0c9f1d04c88c31ef1429a2661008879c9c8714e1125a4a11125b55450412f3317c4505755f9dad11b55e3f0fe2685f44666dfe649f39296838e4c5b6e0f3e47e232382997a27b0330c3d3b64549ba3ea9bdedd140afd4514a76d8cbc7049d62db0c65847735994e12393c2e287722250710dcce7ebbe39f406938db4115bc34ecfddb6fb370a862abebf2b495b552b48f99b207c3ebf87f22693f985d1d29fbbdc3b7f3af97a752880c09b4e1fff5fbad4d157efa4ebb50587357c8e2d81621bf973c490cd9d330a971820db27e58876c89ace5079309e5dcaa2b9eaf8b551d0bfde0d50b39e0e46312c0bf38c068613a0115299bbef9a9b8a2e1cf32b3480a6ca42b8af00f9fd9243f738054b8c35bb30510e4a6f9d63fe54837cc3e7200522a85af1c58ae0ca6185c058da78d4a1bee1ba6ddc0285e8f78271e3b4203a56d54acb2fefee95fd30c74da4deaa287f87092409dcb0487fb67200440a1414b5bad283b276af0edbfdb83d1c2d48e5d771f67d91f9d7b8518121e15ff91a148e5dc8af88c1dc76e2d8231fa08698491522fb7371ae583a8e73bb03c4fb2f9f1be3e7d1f4c9d16aa0035066e26622476399879b00be5761b1f520d2d19746ec6243223ed266169703d8a7b0b49dadc6fd453610bbe05217eed1c988056610946420b34eaa6bdb34cbc8f523f691d5e3b20b611bbf593f42bf6d26282cbabac404e0d5ea06bc953110cbb1a30336f1746009ff5b9fa9ed57ae6da6c662073400d4b52cdebc0c5d627865f9f28bdd9e5a1a3ab4d4a59eeb28e9c79a522f71048605d98c49b1be7e587435ff0ee31b40057c9086092366866d7b6dbf0d02fb1de8627c261628c258e22783e024765412aba14231f774c4c0e92ffe591d8220404c2743c70be2e18774da16ef60e142616968f4bbb714180b05ef2bbcf8c6918a8cb748567e0cfbc6187d9ab0e6782996c379a7c2b4f60fc7168f5770dd1362a00865146fdfd27417fc52e598f3b55919793cd340ff26be24508b0a7c3564d5f97105bd22fd1bf2fae8329d80f4c160cb3bdd5dcbe3cad92b6326e25ceea9d864659f8e36e046a8d3b47b402dc1763caa1a8ed9b23dd9bb984a4697f13e2120b86390598db3ec6d4720624585c7a189ecbc779d4feb2f353cebb03318a3ed7492e02ada18b235693cf96f1ae39645bb779aa9a5eaeed37d9e18f3fe640bf20e5fd0bc36d34ea8245073ffbf64e7024e8753a3a2dd2460986fcce08c176ce85d8417ce599d23ccffa59b4aa5cea1e80af4e20b090e34e7f567706c6c88c325118cb83eb3cfeba6f2bdf846a66961c770c9fa13c06c505abd3435deffaaf4f08c3e4c7e5c3b753b950ea30447948d0a6c48778a5b91f1c9aa3c798d84d6e8fcdf6da7c6f572d9b103251728be1a1ccc0d1f0e93f130a49b642d795beda155fff0ffd72fb53fc0bd9c43db6687494f54dc1fd80f1719379eae1a85a9ac12ff58cd190c5da1189493e052ac12fe48b5dbdee7a5b8c66a49a44e7525f22bcd8b2dc21e40ed3aebfa56fa79f8a4b5570f35c36844eb8bf5c81b64bbec5685331041008f7c7b7f9ff19b68bebed4b5916732f382bfeaab8272e8858c0ee1a685c6ee465f5c08c0719930bdfad822da8e933a76b7ae52732e42c2a8189f52e507ee12ec80facb9742cfe3565deba65b6b6bee6516f948c4bce3422d602965f5a36c5ce5693c7639e69522a3af6bc9bf1421590327ef8eb053a039fc8e3e915d5526ad4aa86fcb416784e3511f06806ce5c83b5e38c69c72bc96f1cc090432e5a6e0ae4699c656ea7f3d90618cab141cd4197f86b4798ee27a25c084b2c332d7646ca1f4e474fc6ef6fbbbb6aa6d7b429fd858623655dfaea04f42c830eda68f23bd8bc54ffd62dbb3863c9f26a7c383209eebe90debaeb91ea6c3826d90eb01a400d7aa3907c3227c4c70ef29272c7446b94cfb2b0e562dad69bd33a2f556c5e3c287fb571319685f7ee02fa5ee54676e3750daf2d6e958aba0de7da9bb0b3b8e7c17cd66e2786b3553bc0f9187aa468b5da98a772aa0b676163d816f41da0a676d6a3e45c3202c035507a2a16fe8cadcb5bae4390cdf536e572d82608fe7e11c0c8eed2af6392be410afef97d8d4500f3d21a23cb368d9764f7a5ad18b6309300ad9b806777a5c6e5389afb44fba9c477e617840ad86b34ac9fad4a76b9abf11c4a5bdc332c5ba57a5badf27b70ac7646ec8ea7c6ed08e50b0a5f82027e2423b9ca7b609fd5b5288514277df699bc0abefca9ad3e3ee93704eea6a18829564d9108febc02da0de79cc43175dc4283440f8dcf772382eec5a1afa8b74d2d34f73af7665f788bf6ec2414a0fdfc5e3af7bbfa16f910fd983a203bd5545a81a21f29bf96f1be001c"}}, 0xff0)

10:01:04 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000013c0)={{{@in, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@local, 0x0, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x5}}, 0xe8)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)

10:01:04 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0xb3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x3102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
dup3(r2, r1, 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r0, &(0x7f000000d8c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

10:01:04 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:04 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0)
dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSPGRP(r0, 0x5451, 0x0)

10:01:04 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername(0xffffffffffffffff, 0x0, 0x0)
r1 = gettid()
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
socket$unix(0x1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
shmctl$SHM_INFO(0x0, 0xe, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, 0x0, 0x0)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
shmctl$SHM_INFO(0x0, 0xe, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, 0x0, 0x0)
tkill(r1, 0x1000000000016)

[  315.190038] validate_nla: 4 callbacks suppressed
[  315.190056] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.202516] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
[  315.211126] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.218630] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
[  315.313607] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.321173] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
10:01:04 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

[  315.355862] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.363634] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
10:01:04 executing program 5:
openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0)
socket$unix(0x1, 0x0, 0x0)
r0 = eventfd(0x0)
poll(&(0x7f0000000100)=[{}], 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x80, 0x0)
ioctl$RNDZAPENTCNT(r2, 0x5204, 0x0)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x108)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x0)
ioctl$void(r2, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, 0x0)
close(r1)
getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
prctl$PR_MCE_KILL(0x21, 0x0, 0x1)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x0)
clock_gettime(0x7, &(0x7f0000000600))
getpeername$inet(r3, &(0x7f0000000640)={0x2, 0x0, @broadcast}, &(0x7f0000000680)=0xffffffffffffff8e)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
ioctl$FICLONE(r0, 0x40049409, 0xffffffffffffffff)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
creat(&(0x7f0000000700)='./file0\x00', 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0x5, 0x0, 0x0)
lseek(r1, 0x0, 0x0)

[  315.401166] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.408861] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
[  315.461355] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.469033] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
10:01:04 executing program 2:
r0 = socket$inet6(0xa, 0x3, 0x800100000003)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000600)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)

10:01:04 executing program 1:
alarm(0x0)

[  315.502773] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.510336] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
[  315.535697] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.543376] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
[  315.603744] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.611422] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
10:01:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
poll(&(0x7f0000000000)=[{r0}], 0x1, 0xff)
write$binfmt_aout(r0, 0x0, 0x0)

[  315.652380] netlink: 'syz-executor4': attribute type 29 has an invalid length.
[  315.659900] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
10:01:05 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0))
ptrace(0x10, r0)
ptrace$getsig(0x4203, r0, 0x0, 0x0)

[  316.088351] cgroup: fork rejected by pids controller in /syz3
10:01:06 executing program 4:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x3, 0xf5)
ioctl(r1, 0x1000008912, &(0x7f00000046c0)="0a5c2d023c126285718070")
shutdown(r0, 0x0)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c)

10:01:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000500)="84", 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:06 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r1, 0x5}, 0x14}}, 0x0)

10:01:06 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, r1, 0x805, 0x0, 0x0, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x0, 0x3}}}}, 0x1e0}}, 0x0)

10:01:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
poll(&(0x7f0000000000)=[{r0}], 0x1, 0xff)
write$binfmt_aout(r0, 0x0, 0x0)

10:01:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x2, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
write$P9_RSTATFS(r0, &(0x7f00000000c0)={0x43}, 0x43)
syz_open_pts(r0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, 0x0)

10:01:06 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername(0xffffffffffffffff, 0x0, 0x0)
gettid()
prctl$PR_MCE_KILL(0x21, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
r2 = socket$unix(0x1, 0x0, 0x0)
ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f0000000040)={0xb148, 0x0, 0x81})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
close(r2)
getuid()
stat(0x0, 0x0)
getegid()
getresuid(&(0x7f00000019c0), &(0x7f0000001a00), 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000001ac0))
getresgid(&(0x7f0000001b00), &(0x7f0000001b40), &(0x7f0000001b80))
getgid()
getresuid(&(0x7f0000002600), &(0x7f0000002640), 0x0)
fstat(0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000080)={{0x4, @rand_addr=0x2, 0x4e24, 0x2, 'fo\x00', 0x4, 0xfff, 0x43}, {@multicast2, 0x4e22, 0x3, 0x0, 0x7f, 0x5}}, 0x44)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in=@local, @in6=@local}}, {{@in=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000000200)=0xe8)
write$cgroup_int(r1, 0x0, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)

10:01:06 executing program 1:
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x1)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
add_key$keyring(&(0x7f0000001840)='keyring\x00', &(0x7f0000001880)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffa)
add_key$keyring(&(0x7f00000018c0)='keyring\x00', &(0x7f0000001900)={'syz'}, 0x0, 0x0, 0x0)
write$nbd(0xffffffffffffffff, 0x0, 0x0)
lsetxattr$security_smack_entry(0x0, &(0x7f0000001b40)='security.SMACK64IPIN\x00', &(0x7f0000001b80)='keyring\x00', 0x8, 0x0)
rt_sigprocmask(0x1, 0x0, 0x0, 0x0)
ppoll(&(0x7f0000001d80), 0x0, &(0x7f0000001dc0)={0x0, 0x1c9c380}, &(0x7f0000001e00)={0xffffffffffffff80}, 0x8)
capset(&(0x7f0000001e80), 0x0)
ioctl$sock_ifreq(r1, 0x23da9257c8150e9f, 0x0)
ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0xff)
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
dup2(r0, 0xffffffffffffffff)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000002240)={'filter\x00'}, &(0x7f00000022c0)=0x54)

10:01:06 executing program 3:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0))
ptrace(0x10, r0)
ptrace$getsig(0x4203, r0, 0x0, 0x0)

10:01:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:06 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x4008700c, 0x0)

10:01:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
poll(&(0x7f0000000000)=[{r0}], 0x1, 0xff)
write$binfmt_aout(r0, 0x0, 0x0)

10:01:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

10:01:06 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @local}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)

10:01:06 executing program 1:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="d800000018008100e00f80ecdb4cb9040a1965000b007c05e87c55a11200e1730000000000000000000000000000812fa80005001b4163e3e53db14ca0508ac1799d58f030035c3b61c1d67f6faf7d7134cf6efbe06bbace8017cbec4c2ee5a7cef4c02631631fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683e4f6dd457c0b03c10964c360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace80ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703db0de796ac5abeb3a79dd14678", 0xd8}], 0x1}, 0x0)

10:01:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:06 executing program 4:
r0 = socket(0x200000000000011, 0x802, 0x4001000dd86)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'sit0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14)
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, 0x0, 0x0)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000140)="fb", 0x1}], 0x1)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)

10:01:07 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})

10:01:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
poll(&(0x7f0000000000)=[{r0}], 0x1, 0xff)
write$binfmt_aout(r0, 0x0, 0x0)

[  317.996293] ==================================================================
[  318.003747] BUG: KMSAN: uninit-value in check_6rd+0x65c/0x720
[  318.009644] CPU: 1 PID: 12354 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #12
[  318.016942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  318.026297] Call Trace:
[  318.028893]  dump_stack+0x173/0x1d0
[  318.032549]  kmsan_report+0x12e/0x2a0
[  318.036371]  __msan_warning+0x81/0xf0
[  318.040193]  check_6rd+0x65c/0x720
[  318.043768]  sit_tunnel_xmit+0xb58/0x34d0
[  318.047978]  ? dev_hard_start_xmit+0xb3/0xc40
[  318.052500]  ? __dev_queue_xmit+0x2e42/0x3bc0
[  318.057013]  ? ipip6_tunnel_uninit+0x7e0/0x7e0
[  318.061608]  dev_hard_start_xmit+0x607/0xc40
[  318.066052]  __dev_queue_xmit+0x2e42/0x3bc0
[  318.070424]  dev_queue_xmit+0x4b/0x60
[  318.074708]  ? __netdev_pick_tx+0x1270/0x1270
[  318.079212]  packet_sendmsg+0x8306/0x8f30
[  318.083370]  ? kmsan_memcpy_memmove_metadata+0x58f/0xfa0
[  318.088830]  ? sock_write_iter+0x102/0x4d0
[  318.093079]  ? do_iter_write+0x302/0xd80
[  318.097187]  ? __x64_sys_writev+0x4a/0x70
[  318.101440]  ? do_syscall_64+0xbc/0xf0
[  318.105340]  ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  318.110724]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  318.116117]  ? balance_callback+0x48/0x260
[  318.120375]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  318.125835]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  318.131398]  ? compat_packet_setsockopt+0x360/0x360
[  318.136411]  sock_write_iter+0x3f4/0x4d0
[  318.140483]  ? sock_read_iter+0x4e0/0x4e0
[  318.144627]  do_iter_readv_writev+0x822/0xab0
[  318.149144]  ? sock_read_iter+0x4e0/0x4e0
[  318.153310]  do_iter_write+0x302/0xd80
[  318.157195]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  318.162651]  ? import_iovec+0x40e/0x660
[  318.166633]  do_writev+0x397/0x840
[  318.170192]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  318.175633]  ? prepare_exit_to_usermode+0x114/0x420
[  318.180646]  ? syscall_return_slowpath+0x50/0x650
[  318.185497]  __se_sys_writev+0x9b/0xb0
[  318.189380]  __x64_sys_writev+0x4a/0x70
[  318.193434]  do_syscall_64+0xbc/0xf0
[  318.197147]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  318.202334] RIP: 0033:0x457669
[  318.205519] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  318.224415] RSP: 002b:00007f0e4b6b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  318.232628] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669
[  318.240386] RDX: 0000000000000001 RSI: 00000000200003c0 RDI: 0000000000000003
[  318.247648] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  318.254911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0e4b6b56d4
[  318.262176] R13: 00000000004c3a1f R14: 00000000004daea8 R15: 00000000ffffffff
[  318.269456] 
[  318.271077] Uninit was created at:
[  318.274617]  kmsan_internal_poison_shadow+0x92/0x150
[  318.279710]  kmsan_kmalloc+0xac/0x130
[  318.283503]  kmsan_slab_alloc+0xe/0x10
[  318.287401]  __kmalloc_node_track_caller+0xe38/0x1060
[  318.292585]  __alloc_skb+0x309/0xa20
[  318.296290]  alloc_skb_with_frags+0x1c7/0xaf0
[  318.300773]  sock_alloc_send_pskb+0xafd/0x10e0
[  318.305436]  packet_sendmsg+0x661a/0x8f30
[  318.309576]  sock_write_iter+0x3f4/0x4d0
[  318.313630]  do_iter_readv_writev+0x822/0xab0
[  318.318134]  do_iter_write+0x302/0xd80
[  318.322011]  do_writev+0x397/0x840
[  318.325550]  __se_sys_writev+0x9b/0xb0
[  318.329437]  __x64_sys_writev+0x4a/0x70
[  318.333414]  do_syscall_64+0xbc/0xf0
[  318.337126]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  318.342301] ==================================================================
[  318.349646] Disabling lock debugging due to kernel taint
[  318.355087] Kernel panic - not syncing: panic_on_warn set ...
[  318.360982] CPU: 1 PID: 12354 Comm: syz-executor4 Tainted: G    B             4.20.0-rc7+ #12
[  318.369627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  318.378962] Call Trace:
[  318.381546]  dump_stack+0x173/0x1d0
[  318.385169]  panic+0x3ce/0x961
[  318.388398]  kmsan_report+0x293/0x2a0
[  318.392196]  __msan_warning+0x81/0xf0
[  318.395994]  check_6rd+0x65c/0x720
[  318.399540]  sit_tunnel_xmit+0xb58/0x34d0
[  318.403705]  ? dev_hard_start_xmit+0xb3/0xc40
[  318.408205]  ? __dev_queue_xmit+0x2e42/0x3bc0
[  318.412691]  ? ipip6_tunnel_uninit+0x7e0/0x7e0
[  318.417285]  dev_hard_start_xmit+0x607/0xc40
[  318.421706]  __dev_queue_xmit+0x2e42/0x3bc0
[  318.426039]  dev_queue_xmit+0x4b/0x60
[  318.429847]  ? __netdev_pick_tx+0x1270/0x1270
[  318.434335]  packet_sendmsg+0x8306/0x8f30
[  318.438499]  ? kmsan_memcpy_memmove_metadata+0x58f/0xfa0
[  318.443937]  ? sock_write_iter+0x102/0x4d0
[  318.448160]  ? do_iter_write+0x302/0xd80
[  318.452214]  ? __x64_sys_writev+0x4a/0x70
[  318.456350]  ? do_syscall_64+0xbc/0xf0
[  318.460226]  ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  318.465585]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  318.470941]  ? balance_callback+0x48/0x260
[  318.475298]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  318.480747]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  318.486143]  ? compat_packet_setsockopt+0x360/0x360
[  318.491152]  sock_write_iter+0x3f4/0x4d0
[  318.495220]  ? sock_read_iter+0x4e0/0x4e0
[  318.499361]  do_iter_readv_writev+0x822/0xab0
[  318.503858]  ? sock_read_iter+0x4e0/0x4e0
[  318.508000]  do_iter_write+0x302/0xd80
[  318.511884]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  318.517342]  ? import_iovec+0x40e/0x660
[  318.521320]  do_writev+0x397/0x840
[  318.524869]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  318.530316]  ? prepare_exit_to_usermode+0x114/0x420
[  318.535322]  ? syscall_return_slowpath+0x50/0x650
[  318.540166]  __se_sys_writev+0x9b/0xb0
[  318.544046]  __x64_sys_writev+0x4a/0x70
[  318.548131]  do_syscall_64+0xbc/0xf0
[  318.551836]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  318.557012] RIP: 0033:0x457669
[  318.560237] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  318.579128] RSP: 002b:00007f0e4b6b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  318.586828] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669
[  318.594085] RDX: 0000000000000001 RSI: 00000000200003c0 RDI: 0000000000000003
[  318.601348] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  318.608628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0e4b6b56d4
[  318.615903] R13: 00000000004c3a1f R14: 00000000004daea8 R15: 00000000ffffffff
[  318.624468] Kernel Offset: disabled
[  318.628140] Rebooting in 86400 seconds..