z_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:04 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) tkill(0x0, 0x1000000000015) 19:00:04 executing program 4: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000410000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 417.329293] FAULT_INJECTION: forcing a failure. [ 417.329293] name failslab, interval 1, probability 0, space 0, times 0 [ 417.344248] CPU: 1 PID: 17034 Comm: syz-executor2 Not tainted 4.19.0-rc4+ #27 [ 417.351550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.360912] Call Trace: [ 417.363533] dump_stack+0x1c4/0x2b4 [ 417.367182] ? dump_stack_print_info.cold.2+0x52/0x52 [ 417.372400] ? should_fail.cold.4+0x5/0x17 [ 417.376657] should_fail.cold.4+0xa/0x17 [ 417.376686] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 417.385842] ? finish_task_switch+0x56e/0x900 [ 417.385860] ? __switch_to_asm+0x34/0x70 [ 417.385879] ? graph_lock+0x170/0x170 [ 417.398211] ? preempt_notifier_register+0x200/0x200 [ 417.403326] ? __switch_to_asm+0x34/0x70 [ 417.403343] ? __switch_to_asm+0x34/0x70 [ 417.403362] ? graph_lock+0x170/0x170 [ 417.411473] ? __switch_to_asm+0x34/0x70 [ 417.411489] ? __switch_to_asm+0x40/0x70 [ 417.411503] ? __switch_to_asm+0x34/0x70 [ 417.411521] ? __switch_to_asm+0x40/0x70 [ 417.411542] ? find_held_lock+0x36/0x1c0 [ 417.411564] ? __lock_is_held+0xb5/0x140 [ 417.439761] ? ___might_sleep+0x1ed/0x300 [ 417.443929] ? arch_local_save_flags+0x40/0x40 [ 417.448547] ? retint_kernel+0x2d/0x2d [ 417.452465] __should_failslab+0x124/0x180 [ 417.456726] should_failslab+0x9/0x14 [ 417.461065] kmem_cache_alloc+0x2be/0x730 [ 417.465243] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 417.470025] mmu_topup_memory_caches+0xf7/0x390 [ 417.474714] ? retint_kernel+0x2d/0x2d [ 417.478630] kvm_mmu_load+0x21/0xfa0 [ 417.482352] ? vcpu_enter_guest+0x26e5/0x62e0 [ 417.486837] ? vcpu_enter_guest+0x26f3/0x62e0 [ 417.491327] vcpu_enter_guest+0x3dee/0x62e0 [ 417.495645] ? emulator_read_emulated+0x50/0x50 [ 417.500306] ? native_read_msr+0x9/0x30 [ 417.504273] ? perf_trace_lock+0x7a0/0x7a0 [ 417.508852] ? mark_held_locks+0xc7/0x130 [ 417.513107] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 417.517859] ? lockdep_hardirqs_on+0x421/0x5c0 [ 417.522432] ? retint_kernel+0x2d/0x2d [ 417.526322] ? trace_hardirqs_on_caller+0xc0/0x310 [ 417.531240] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 417.535987] ? trace_hardirqs_off+0x310/0x310 [ 417.540475] ? __lock_is_held+0xb5/0x140 [ 417.544528] ? lock_acquire+0x1ed/0x520 [ 417.548494] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 417.553506] ? lock_release+0x970/0x970 [ 417.557495] ? kvm_arch_vcpu_ioctl_run+0xd00/0x16e0 [ 417.562516] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 417.567346] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 417.572362] kvm_vcpu_ioctl+0x72b/0x1150 [ 417.576433] ? kvm_vcpu_block+0x1030/0x1030 [ 417.580765] ? lock_release+0x4eb/0x970 [ 417.584733] ? __fget+0x4aa/0x740 [ 417.588176] ? check_preemption_disabled+0x48/0x200 [ 417.593205] ? kasan_check_read+0x11/0x20 [ 417.597345] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 417.602621] ? rcu_bh_qs+0xc0/0xc0 [ 417.606156] ? __fget+0x4d1/0x740 [ 417.609600] ? ksys_dup3+0x680/0x680 [ 417.613320] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 417.618074] ? kvm_vcpu_block+0x1030/0x1030 [ 417.622386] do_vfs_ioctl+0x1de/0x1720 [ 417.626281] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 417.631472] ? ioctl_preallocate+0x300/0x300 [ 417.635874] ? selinux_file_mprotect+0x620/0x620 [ 417.640621] ? __sb_end_write+0xd9/0x110 [ 417.644675] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 417.650203] ? fput+0x130/0x1a0 [ 417.653476] ? do_syscall_64+0x9a/0x820 [ 417.657477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.663008] ? security_file_ioctl+0x94/0xc0 [ 417.667424] ksys_ioctl+0xa9/0xd0 [ 417.670892] __x64_sys_ioctl+0x73/0xb0 [ 417.674770] do_syscall_64+0x1b9/0x820 [ 417.678648] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 417.684004] ? syscall_return_slowpath+0x5e0/0x5e0 [ 417.688932] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.693790] ? trace_hardirqs_on_caller+0x310/0x310 [ 417.698796] ? prepare_exit_to_usermode+0x291/0x3b0 [ 417.703803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.708653] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.713846] RIP: 0033:0x457679 19:00:04 executing program 0 (fault-call:6 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 417.717034] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 417.735957] RSP: 002b:00007f18a5145c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 417.743669] RAX: ffffffffffffffda RBX: 00007f18a51466d4 RCX: 0000000000457679 [ 417.750946] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 417.758215] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 417.765485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 417.772754] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000000 19:00:04 executing program 2 (fault-call:9 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:05 executing program 4: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000410000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:05 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) r1 = creat(&(0x7f0000000340)='./bus\x00', 0x0) write$vnet(r1, &(0x7f0000000480)={0x1, {&(0x7f0000000580)=""/4096, 0x1000, &(0x7f0000000380)=""/205}}, 0x68) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000091eaa038d79a69f6be72a7714d41bc52d3f39ff189bdf195f67f00004a4347768a8df37139737f5488e54d47dfd2d7ac83262547f48731fbf5688663494f3597b8aaf32ba17524ff2c7291fc134058e4f797c35195bd56bc07af82d5dd42179e86b91bc182d3ea2d4bf9c3741a30e3c0cf34570b85bdf60dad5e13618b533d809f09e58dce01eb9cf3ddc69fda3559776f14427f7b6b617d6f9a155bfa161b98cf3f75634a41d9f5813899bd6e"], &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={r4, 0x40}, &(0x7f0000000140)=0xc) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x1012, r3, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r3, 0x40045731, &(0x7f0000000180)=0x101) io_submit(r2, 0x9c0, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 417.850581] FAULT_INJECTION: forcing a failure. [ 417.850581] name failslab, interval 1, probability 0, space 0, times 0 [ 417.887428] CPU: 1 PID: 17051 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 417.894738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.904100] Call Trace: [ 417.906705] dump_stack+0x1c4/0x2b4 [ 417.910359] ? dump_stack_print_info.cold.2+0x52/0x52 [ 417.915588] should_fail.cold.4+0xa/0x17 [ 417.919674] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 417.924795] ? mark_held_locks+0x130/0x130 [ 417.929048] ? print_usage_bug+0xc0/0xc0 [ 417.933127] ? graph_lock+0x170/0x170 [ 417.936951] ? print_usage_bug+0xc0/0xc0 [ 417.941027] ? print_usage_bug+0xc0/0xc0 [ 417.945103] ? graph_lock+0x170/0x170 [ 417.948935] ? find_held_lock+0x36/0x1c0 [ 417.953032] ? __lock_is_held+0xb5/0x140 [ 417.957115] ? ___might_sleep+0x1ed/0x300 [ 417.961280] ? arch_local_save_flags+0x40/0x40 [ 417.965886] __should_failslab+0x124/0x180 [ 417.970136] should_failslab+0x9/0x14 [ 417.970154] kmem_cache_alloc+0x2be/0x730 [ 417.970169] ? vmx_flush_tlb_gva+0x380/0x380 [ 417.970186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.970215] mmu_topup_memory_caches+0xf7/0x390 [ 417.970236] kvm_mmu_load+0x21/0xfa0 [ 417.996496] vcpu_enter_guest+0x3dee/0x62e0 [ 418.000838] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.006392] ? check_preemption_disabled+0x48/0x200 [ 418.011434] ? emulator_read_emulated+0x50/0x50 [ 418.016311] ? perf_trace_lock+0x7a0/0x7a0 [ 418.020567] ? vmx_write_tsc_offset+0x680/0x680 [ 418.025250] ? graph_lock+0x170/0x170 [ 418.029074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.034626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.040176] ? check_preemption_disabled+0x48/0x200 [ 418.045202] ? check_preemption_disabled+0x48/0x200 [ 418.050247] ? __lock_is_held+0xb5/0x140 [ 418.052038] FAULT_INJECTION: forcing a failure. [ 418.052038] name failslab, interval 1, probability 0, space 0, times 0 [ 418.054327] ? lock_acquire+0x1ed/0x520 [ 418.054346] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 418.054371] ? lock_release+0x970/0x970 [ 418.054386] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 418.054405] ? kvm_arch_dev_ioctl+0x630/0x630 [ 418.054422] ? preempt_notifier_dec+0x20/0x20 [ 418.054466] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 418.097640] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 418.102685] kvm_vcpu_ioctl+0x72b/0x1150 [ 418.106761] ? kvm_vcpu_block+0x1030/0x1030 [ 418.111101] ? find_held_lock+0x36/0x1c0 [ 418.115189] ? __fget+0x4aa/0x740 [ 418.118657] ? check_preemption_disabled+0x48/0x200 [ 418.123693] ? kasan_check_read+0x11/0x20 [ 418.127857] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 418.133147] ? rcu_bh_qs+0xc0/0xc0 [ 418.136716] ? __fget+0x4d1/0x740 [ 418.140190] ? ksys_dup3+0x680/0x680 [ 418.143915] ? find_held_lock+0x36/0x1c0 [ 418.148079] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 418.153034] ? kvm_vcpu_block+0x1030/0x1030 [ 418.157373] do_vfs_ioctl+0x1de/0x1720 [ 418.161274] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 418.166484] ? ioctl_preallocate+0x300/0x300 [ 418.170960] ? selinux_file_mprotect+0x620/0x620 [ 418.175745] ? __sb_end_write+0xd9/0x110 [ 418.179824] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 418.185369] ? fput+0x130/0x1a0 [ 418.188664] ? do_syscall_64+0x9a/0x820 [ 418.192659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.198218] ? security_file_ioctl+0x94/0xc0 [ 418.202646] ksys_ioctl+0xa9/0xd0 [ 418.206118] __x64_sys_ioctl+0x73/0xb0 [ 418.210023] do_syscall_64+0x1b9/0x820 [ 418.213924] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 418.219312] ? syscall_return_slowpath+0x5e0/0x5e0 [ 418.224252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.229122] ? trace_hardirqs_on_caller+0x310/0x310 [ 418.234154] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 418.239186] ? prepare_exit_to_usermode+0x291/0x3b0 [ 418.244224] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.249092] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.254289] RIP: 0033:0x457679 [ 418.257495] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 418.276404] RSP: 002b:00007fed0de2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 418.284131] RAX: ffffffffffffffda RBX: 00007fed0de2f6d4 RCX: 0000000000457679 [ 418.291406] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 418.298701] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 418.305978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 418.313252] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000000 [ 418.320566] CPU: 0 PID: 17054 Comm: syz-executor2 Not tainted 4.19.0-rc4+ #27 [ 418.327854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.337209] Call Trace: [ 418.339801] dump_stack+0x1c4/0x2b4 [ 418.339821] ? dump_stack_print_info.cold.2+0x52/0x52 [ 418.339847] ? mark_held_locks+0xc7/0x130 [ 418.352815] should_fail.cold.4+0xa/0x17 [ 418.356892] ? retint_kernel+0x2d/0x2d [ 418.360802] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 418.365915] ? trace_hardirqs_off+0x310/0x310 [ 418.370435] ? save_stack+0xa9/0xd0 [ 418.374078] ? graph_lock+0x170/0x170 [ 418.377898] ? graph_lock+0x170/0x170 [ 418.381727] ? find_held_lock+0x36/0x1c0 [ 418.385805] ? __lock_is_held+0xb5/0x140 [ 418.389896] ? ___might_sleep+0x1ed/0x300 [ 418.394072] ? arch_local_save_flags+0x40/0x40 [ 418.394089] ? retint_kernel+0x2d/0x2d [ 418.394117] __should_failslab+0x124/0x180 [ 418.402578] should_failslab+0x9/0x14 [ 418.402597] kmem_cache_alloc+0x2be/0x730 [ 418.402618] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 418.419527] ? mmu_topup_memory_caches+0xf7/0x390 [ 418.424396] mmu_topup_memory_caches+0xf7/0x390 [ 418.429087] kvm_mmu_load+0x21/0xfa0 [ 418.432824] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 418.438383] ? vmx_clear_hlt.isra.35+0xa8/0xd0 [ 418.442981] vcpu_enter_guest+0x3dee/0x62e0 [ 418.447342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.453194] ? check_preemption_disabled+0x48/0x200 [ 418.458208] ? emulator_read_emulated+0x50/0x50 [ 418.462883] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 418.467629] ? perf_trace_lock+0x7a0/0x7a0 [ 418.471852] ? trace_hardirqs_on_caller+0xc0/0x310 [ 418.476768] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 418.481513] ? trace_hardirqs_off+0x310/0x310 [ 418.485999] ? vmx_write_tsc_offset+0x680/0x680 [ 418.490655] ? graph_lock+0x170/0x170 [ 418.494450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.499995] ? check_preemption_disabled+0x48/0x200 [ 418.505098] ? check_preemption_disabled+0x48/0x200 [ 418.510106] ? __lock_is_held+0xb5/0x140 [ 418.514210] ? lock_acquire+0x1ed/0x520 [ 418.518173] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 418.523185] ? lock_release+0x970/0x970 [ 418.527149] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 418.532415] ? kvm_arch_dev_ioctl+0x630/0x630 [ 418.536918] ? preempt_notifier_dec+0x20/0x20 [ 418.541455] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 418.546300] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 418.551316] kvm_vcpu_ioctl+0x72b/0x1150 [ 418.555367] ? kvm_vcpu_block+0x1030/0x1030 [ 418.559679] ? find_held_lock+0x36/0x1c0 [ 418.563732] ? __fget+0x4aa/0x740 [ 418.567213] ? check_preemption_disabled+0x48/0x200 [ 418.572251] ? kasan_check_read+0x11/0x20 [ 418.576389] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 418.581657] ? rcu_bh_qs+0xc0/0xc0 [ 418.585464] ? __fget+0x4d1/0x740 [ 418.588913] ? ksys_dup3+0x680/0x680 [ 418.592622] ? find_held_lock+0x36/0x1c0 [ 418.596677] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 418.601597] ? kvm_vcpu_block+0x1030/0x1030 [ 418.605911] do_vfs_ioctl+0x1de/0x1720 [ 418.609789] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 418.614999] ? ioctl_preallocate+0x300/0x300 [ 418.619401] ? selinux_file_mprotect+0x620/0x620 [ 418.624148] ? __sb_end_write+0xd9/0x110 [ 418.628216] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 418.633754] ? fput+0x130/0x1a0 [ 418.637023] ? do_syscall_64+0x9a/0x820 [ 418.641006] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.646574] ? security_file_ioctl+0x94/0xc0 [ 418.650993] ksys_ioctl+0xa9/0xd0 [ 418.654453] __x64_sys_ioctl+0x73/0xb0 [ 418.658344] do_syscall_64+0x1b9/0x820 [ 418.662230] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 418.667598] ? syscall_return_slowpath+0x5e0/0x5e0 [ 418.672514] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.677346] ? trace_hardirqs_on_caller+0x310/0x310 [ 418.682368] ? prepare_exit_to_usermode+0x291/0x3b0 [ 418.687394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.692230] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.697410] RIP: 0033:0x457679 [ 418.700594] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 418.719499] RSP: 002b:00007f18a5145c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 418.727205] RAX: ffffffffffffffda RBX: 00007f18a51466d4 RCX: 0000000000457679 [ 418.734472] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 418.741734] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 418.748997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 418.756257] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000001 19:00:07 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(0xffffffffffffffff, r1) tkill(r0, 0x1000000000015) 19:00:07 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x0) 19:00:07 executing program 0 (fault-call:6 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:07 executing program 5: r0 = inotify_init1(0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000180)={0x2}) fcntl$getownex(r0, 0x10, &(0x7f0000000280)) syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00') fcntl$getownex(r0, 0x10, &(0x7f0000000040)) r1 = dup(r0) ioctl$TCSBRKP(r1, 0x5425, 0x8080000000) ioctl$VT_RELDISP(r1, 0x5605) syz_mount_image$bfs(&(0x7f0000000140)='bfs\x00', &(0x7f00000001c0)='./file0\x00', 0x80000001, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000200)="07d058e8690023c591ed61fd6d708e5334c8884e052b53aeda1af9b644f54c453ebc8cbcb1a54db6966265ec0265f6", 0x33d, 0x9}, {&(0x7f0000000240)="daeb9700000000", 0x10, 0x1000}], 0x200020, 0x0) stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getegid() fchown(r0, r2, r3) 19:00:07 executing program 4: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) [ 420.336413] FAULT_INJECTION: forcing a failure. [ 420.336413] name failslab, interval 1, probability 0, space 0, times 0 [ 420.384345] CPU: 1 PID: 17072 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 420.391642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.391651] Call Trace: [ 420.391675] dump_stack+0x1c4/0x2b4 [ 420.391700] ? dump_stack_print_info.cold.2+0x52/0x52 [ 420.412442] should_fail.cold.4+0xa/0x17 [ 420.416538] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 420.421660] ? save_stack+0xa9/0xd0 [ 420.425300] ? graph_lock+0x170/0x170 [ 420.425315] ? kasan_slab_alloc+0x12/0x20 [ 420.425332] ? kmem_cache_alloc+0x12e/0x730 [ 420.425354] ? mmu_topup_memory_caches+0xf7/0x390 [ 420.437595] ? kvm_mmu_load+0x21/0xfa0 [ 420.437617] ? vcpu_enter_guest+0x3dee/0x62e0 [ 420.451107] ? graph_lock+0x170/0x170 [ 420.454919] ? ksys_ioctl+0xa9/0xd0 [ 420.454934] ? __x64_sys_ioctl+0x73/0xb0 [ 420.454972] ? do_syscall_64+0x1b9/0x820 [ 420.466690] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 420.472079] ? find_held_lock+0x36/0x1c0 [ 420.476161] ? __lock_is_held+0xb5/0x140 [ 420.480255] ? ___might_sleep+0x1ed/0x300 19:00:07 executing program 4: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) [ 420.484419] ? arch_local_save_flags+0x40/0x40 [ 420.489038] __should_failslab+0x124/0x180 [ 420.493287] should_failslab+0x9/0x14 [ 420.497101] kmem_cache_alloc+0x2be/0x730 [ 420.501258] ? vmx_flush_tlb_gva+0x380/0x380 [ 420.505681] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.511233] ? mmu_topup_memory_caches+0xf7/0x390 [ 420.516104] mmu_topup_memory_caches+0xf7/0x390 [ 420.520791] kvm_mmu_load+0x21/0xfa0 [ 420.524546] vcpu_enter_guest+0x3dee/0x62e0 [ 420.528889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.534433] ? check_preemption_disabled+0x48/0x200 [ 420.539455] ? emulator_read_emulated+0x50/0x50 [ 420.544139] ? perf_trace_lock+0x7a0/0x7a0 [ 420.548382] ? vmx_write_tsc_offset+0x680/0x680 [ 420.553039] ? graph_lock+0x170/0x170 [ 420.556828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.562363] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.567896] ? check_preemption_disabled+0x48/0x200 [ 420.572919] ? check_preemption_disabled+0x48/0x200 [ 420.577948] ? __lock_is_held+0xb5/0x140 [ 420.582006] ? lock_acquire+0x1ed/0x520 [ 420.585985] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 420.591008] ? lock_release+0x970/0x970 [ 420.594984] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 420.600299] ? kvm_arch_dev_ioctl+0x630/0x630 [ 420.604788] ? preempt_notifier_dec+0x20/0x20 [ 420.609280] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 420.614124] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 420.619151] kvm_vcpu_ioctl+0x72b/0x1150 [ 420.623215] ? kvm_vcpu_block+0x1030/0x1030 [ 420.627542] ? find_held_lock+0x36/0x1c0 [ 420.631598] ? __fget+0x4aa/0x740 [ 420.635043] ? check_preemption_disabled+0x48/0x200 [ 420.640052] ? kasan_check_read+0x11/0x20 [ 420.644195] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 420.649482] ? rcu_bh_qs+0xc0/0xc0 [ 420.653036] ? __fget+0x4d1/0x740 [ 420.656511] ? ksys_dup3+0x680/0x680 [ 420.660226] ? find_held_lock+0x36/0x1c0 [ 420.664872] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 420.669796] ? kvm_vcpu_block+0x1030/0x1030 [ 420.674119] do_vfs_ioctl+0x1de/0x1720 [ 420.678017] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 420.683218] ? ioctl_preallocate+0x300/0x300 [ 420.687636] ? selinux_file_mprotect+0x620/0x620 [ 420.692395] ? __sb_end_write+0xd9/0x110 [ 420.696449] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 420.701981] ? fput+0x130/0x1a0 [ 420.705265] ? do_syscall_64+0x9a/0x820 [ 420.709248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.714788] ? security_file_ioctl+0x94/0xc0 [ 420.719202] ksys_ioctl+0xa9/0xd0 [ 420.722648] __x64_sys_ioctl+0x73/0xb0 [ 420.726526] do_syscall_64+0x1b9/0x820 [ 420.730412] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 420.735766] ? syscall_return_slowpath+0x5e0/0x5e0 [ 420.740683] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.745516] ? trace_hardirqs_on_caller+0x310/0x310 [ 420.750525] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 420.755541] ? prepare_exit_to_usermode+0x291/0x3b0 [ 420.760563] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.765400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 420.770576] RIP: 0033:0x457679 [ 420.773772] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 420.792700] RSP: 002b:00007fed0de2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 420.800426] RAX: ffffffffffffffda RBX: 00007fed0de2f6d4 RCX: 0000000000457679 [ 420.807688] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 420.814988] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 420.822262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 19:00:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x541b, 0x0) [ 420.829528] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000001 19:00:08 executing program 4: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:08 executing program 5: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000410000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x80086601, 0x0) 19:00:08 executing program 0 (fault-call:6 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 421.084315] FAULT_INJECTION: forcing a failure. [ 421.084315] name failslab, interval 1, probability 0, space 0, times 0 [ 421.134661] CPU: 0 PID: 17105 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 421.141997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.151361] Call Trace: [ 421.153982] dump_stack+0x1c4/0x2b4 [ 421.157635] ? dump_stack_print_info.cold.2+0x52/0x52 [ 421.162865] should_fail.cold.4+0xa/0x17 [ 421.166966] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 421.172089] ? save_stack+0xa9/0xd0 [ 421.175735] ? graph_lock+0x170/0x170 [ 421.179544] ? kasan_slab_alloc+0x12/0x20 [ 421.183705] ? kmem_cache_alloc+0x12e/0x730 [ 421.188042] ? mmu_topup_memory_caches+0xf7/0x390 [ 421.192891] ? kvm_mmu_load+0x21/0xfa0 [ 421.196790] ? vcpu_enter_guest+0x3dee/0x62e0 [ 421.201298] ? graph_lock+0x170/0x170 [ 421.205113] ? ksys_ioctl+0xa9/0xd0 [ 421.208749] ? __x64_sys_ioctl+0x73/0xb0 [ 421.208767] ? do_syscall_64+0x1b9/0x820 [ 421.208785] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 421.208811] ? find_held_lock+0x36/0x1c0 [ 421.208833] ? __lock_is_held+0xb5/0x140 [ 421.208862] ? ___might_sleep+0x1ed/0x300 [ 421.216993] ? arch_local_save_flags+0x40/0x40 [ 421.217026] __should_failslab+0x124/0x180 [ 421.217048] should_failslab+0x9/0x14 [ 421.217065] kmem_cache_alloc+0x2be/0x730 [ 421.217083] ? vmx_flush_tlb_gva+0x380/0x380 [ 421.226491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.226514] ? mmu_topup_memory_caches+0xf7/0x390 [ 421.226536] mmu_topup_memory_caches+0xf7/0x390 [ 421.234735] kvm_mmu_load+0x21/0xfa0 [ 421.234770] vcpu_enter_guest+0x3dee/0x62e0 [ 421.234791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.261453] ? check_preemption_disabled+0x48/0x200 [ 421.261484] ? emulator_read_emulated+0x50/0x50 [ 421.261510] ? perf_trace_lock+0x7a0/0x7a0 [ 421.271017] ? vmx_write_tsc_offset+0x680/0x680 [ 421.271034] ? graph_lock+0x170/0x170 [ 421.271055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.271072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.271087] ? check_preemption_disabled+0x48/0x200 [ 421.271104] ? check_preemption_disabled+0x48/0x200 [ 421.294340] ? __lock_is_held+0xb5/0x140 [ 421.303233] ? lock_acquire+0x1ed/0x520 [ 421.303252] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 421.303275] ? lock_release+0x970/0x970 [ 421.345102] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 421.350406] ? kvm_arch_dev_ioctl+0x630/0x630 [ 421.354906] ? preempt_notifier_dec+0x20/0x20 [ 421.359434] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 421.364281] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 421.369325] kvm_vcpu_ioctl+0x72b/0x1150 [ 421.373397] ? kvm_vcpu_block+0x1030/0x1030 [ 421.377733] ? find_held_lock+0x36/0x1c0 [ 421.381814] ? __fget+0x4aa/0x740 [ 421.385278] ? check_preemption_disabled+0x48/0x200 [ 421.390315] ? kasan_check_read+0x11/0x20 [ 421.394469] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 421.399755] ? rcu_bh_qs+0xc0/0xc0 [ 421.403313] ? __fget+0x4d1/0x740 [ 421.406779] ? ksys_dup3+0x680/0x680 [ 421.410502] ? find_held_lock+0x36/0x1c0 [ 421.414611] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 421.419560] ? kvm_vcpu_block+0x1030/0x1030 [ 421.423891] do_vfs_ioctl+0x1de/0x1720 [ 421.427790] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 421.432994] ? ioctl_preallocate+0x300/0x300 [ 421.437418] ? selinux_file_mprotect+0x620/0x620 [ 421.442187] ? __sb_end_write+0xd9/0x110 [ 421.446257] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 421.452303] ? fput+0x130/0x1a0 [ 421.455593] ? do_syscall_64+0x9a/0x820 [ 421.459578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.465124] ? security_file_ioctl+0x94/0xc0 [ 421.469548] ksys_ioctl+0xa9/0xd0 [ 421.473013] __x64_sys_ioctl+0x73/0xb0 [ 421.476927] do_syscall_64+0x1b9/0x820 [ 421.480833] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 421.486205] ? syscall_return_slowpath+0x5e0/0x5e0 [ 421.491137] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.495994] ? trace_hardirqs_on_caller+0x310/0x310 [ 421.501016] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 421.506044] ? prepare_exit_to_usermode+0x291/0x3b0 [ 421.511072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.515933] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 421.521143] RIP: 0033:0x457679 [ 421.524341] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 421.543245] RSP: 002b:00007fed0de2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 421.550972] RAX: ffffffffffffffda RBX: 00007fed0de2f6d4 RCX: 0000000000457679 [ 421.558242] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 421.565512] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 421.572782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 421.580051] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000002 19:00:10 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(0xffffffffffffffff, r1) tkill(r0, 0x1000000000015) 19:00:10 executing program 4: socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:10 executing program 5: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000410000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) 19:00:10 executing program 0 (fault-call:6 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:10 executing program 3 (fault-call:3 fault-nth:0): r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 423.389676] FAULT_INJECTION: forcing a failure. [ 423.389676] name failslab, interval 1, probability 0, space 0, times 0 [ 423.430594] CPU: 0 PID: 17125 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 423.437938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.447318] Call Trace: [ 423.447345] dump_stack+0x1c4/0x2b4 [ 423.447371] ? dump_stack_print_info.cold.2+0x52/0x52 [ 423.454073] should_fail.cold.4+0xa/0x17 [ 423.454097] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 423.468426] ? save_stack+0xa9/0xd0 [ 423.472073] ? graph_lock+0x170/0x170 [ 423.475882] ? kasan_slab_alloc+0x12/0x20 [ 423.480043] ? kmem_cache_alloc+0x12e/0x730 [ 423.484379] ? mmu_topup_memory_caches+0xf7/0x390 [ 423.484393] ? kvm_mmu_load+0x21/0xfa0 [ 423.484411] ? vcpu_enter_guest+0x3dee/0x62e0 [ 423.484436] ? graph_lock+0x170/0x170 [ 423.497660] ? ksys_ioctl+0xa9/0xd0 [ 423.505069] ? __x64_sys_ioctl+0x73/0xb0 [ 423.509149] ? do_syscall_64+0x1b9/0x820 [ 423.513222] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 423.518610] ? find_held_lock+0x36/0x1c0 [ 423.522685] ? __lock_is_held+0xb5/0x140 [ 423.522717] ? ___might_sleep+0x1ed/0x300 [ 423.530909] ? arch_local_save_flags+0x40/0x40 [ 423.530951] __should_failslab+0x124/0x180 [ 423.530980] should_failslab+0x9/0x14 [ 423.531001] kmem_cache_alloc+0x2be/0x730 [ 423.547737] ? vmx_flush_tlb_gva+0x380/0x380 [ 423.552171] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.557730] ? mmu_topup_memory_caches+0xf7/0x390 [ 423.562585] mmu_topup_memory_caches+0xf7/0x390 [ 423.567272] kvm_mmu_load+0x21/0xfa0 [ 423.571000] vcpu_enter_guest+0x3dee/0x62e0 [ 423.575310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.580838] ? check_preemption_disabled+0x48/0x200 [ 423.585863] ? emulator_read_emulated+0x50/0x50 [ 423.590539] ? perf_trace_lock+0x7a0/0x7a0 [ 423.594770] ? vmx_write_tsc_offset+0x680/0x680 [ 423.599440] ? graph_lock+0x170/0x170 [ 423.603258] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.608804] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.614355] ? check_preemption_disabled+0x48/0x200 [ 423.619382] ? check_preemption_disabled+0x48/0x200 [ 423.624422] ? __lock_is_held+0xb5/0x140 19:00:10 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 423.628524] ? lock_acquire+0x1ed/0x520 [ 423.632516] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 423.637557] ? lock_release+0x970/0x970 [ 423.641551] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 423.646849] ? kvm_arch_dev_ioctl+0x630/0x630 [ 423.651361] ? preempt_notifier_dec+0x20/0x20 [ 423.655886] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 423.660747] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 423.665798] kvm_vcpu_ioctl+0x72b/0x1150 [ 423.669877] ? kvm_vcpu_block+0x1030/0x1030 [ 423.674225] ? find_held_lock+0x36/0x1c0 [ 423.678303] ? __fget+0x4aa/0x740 [ 423.681795] ? check_preemption_disabled+0x48/0x200 [ 423.686820] ? kasan_check_read+0x11/0x20 [ 423.691023] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 423.696292] ? rcu_bh_qs+0xc0/0xc0 [ 423.699828] ? __fget+0x4d1/0x740 [ 423.703273] ? ksys_dup3+0x680/0x680 [ 423.706995] ? find_held_lock+0x36/0x1c0 [ 423.711072] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 423.715998] ? kvm_vcpu_block+0x1030/0x1030 [ 423.720319] do_vfs_ioctl+0x1de/0x1720 [ 423.724220] ? __sanitizer_cov_trace_switch+0x53/0x90 19:00:10 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2000016b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 423.729447] ? ioctl_preallocate+0x300/0x300 [ 423.733867] ? selinux_file_mprotect+0x620/0x620 [ 423.738646] ? __sb_end_write+0xd9/0x110 [ 423.742729] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 423.748273] ? fput+0x130/0x1a0 [ 423.751558] ? do_syscall_64+0x9a/0x820 [ 423.755539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.761090] ? security_file_ioctl+0x94/0xc0 [ 423.765514] ksys_ioctl+0xa9/0xd0 [ 423.769008] __x64_sys_ioctl+0x73/0xb0 [ 423.772916] do_syscall_64+0x1b9/0x820 [ 423.776828] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 423.782213] ? syscall_return_slowpath+0x5e0/0x5e0 [ 423.787158] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.792021] ? trace_hardirqs_on_caller+0x310/0x310 [ 423.797057] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 423.802091] ? prepare_exit_to_usermode+0x291/0x3b0 [ 423.807135] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.812013] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 423.817205] RIP: 0033:0x457679 [ 423.820393] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 423.839292] RSP: 002b:00007fed0de2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 423.847005] RAX: ffffffffffffffda RBX: 00007fed0de2f6d4 RCX: 0000000000457679 [ 423.854274] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 423.861545] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 423.868810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 19:00:11 executing program 5: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000410000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:11 executing program 4: socket$inet6(0xa, 0x7, 0xffffffffffffffff) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) [ 423.876092] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000003 19:00:11 executing program 0 (fault-call:6 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 424.017525] FAULT_INJECTION: forcing a failure. [ 424.017525] name failslab, interval 1, probability 0, space 0, times 0 [ 424.028852] CPU: 1 PID: 17153 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 424.036141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.045506] Call Trace: [ 424.048117] dump_stack+0x1c4/0x2b4 [ 424.051772] ? dump_stack_print_info.cold.2+0x52/0x52 [ 424.057009] should_fail.cold.4+0xa/0x17 [ 424.061095] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 424.066219] ? save_stack+0xa9/0xd0 [ 424.069862] ? graph_lock+0x170/0x170 [ 424.073675] ? kasan_slab_alloc+0x12/0x20 [ 424.077835] ? kmem_cache_alloc+0x12e/0x730 [ 424.082173] ? mmu_topup_memory_caches+0xf7/0x390 [ 424.087026] ? kvm_mmu_load+0x21/0xfa0 [ 424.090929] ? vcpu_enter_guest+0x3dee/0x62e0 [ 424.095449] ? graph_lock+0x170/0x170 [ 424.099268] ? ksys_ioctl+0xa9/0xd0 [ 424.102913] ? __x64_sys_ioctl+0x73/0xb0 [ 424.107003] ? do_syscall_64+0x1b9/0x820 [ 424.111084] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.116500] ? find_held_lock+0x36/0x1c0 [ 424.116524] ? __lock_is_held+0xb5/0x140 [ 424.116557] ? ___might_sleep+0x1ed/0x300 [ 424.116577] ? arch_local_save_flags+0x40/0x40 [ 424.124705] __should_failslab+0x124/0x180 [ 424.124729] should_failslab+0x9/0x14 [ 424.124747] kmem_cache_alloc+0x2be/0x730 [ 424.124761] ? vmx_flush_tlb_gva+0x380/0x380 [ 424.124782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.155604] ? mmu_topup_memory_caches+0xf7/0x390 [ 424.160478] mmu_topup_memory_caches+0xf7/0x390 [ 424.165163] kvm_mmu_load+0x21/0xfa0 [ 424.165199] vcpu_enter_guest+0x3dee/0x62e0 [ 424.165218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.165234] ? check_preemption_disabled+0x48/0x200 [ 424.165262] ? emulator_read_emulated+0x50/0x50 [ 424.165292] ? perf_trace_lock+0x7a0/0x7a0 [ 424.178858] ? vmx_write_tsc_offset+0x680/0x680 [ 424.178877] ? graph_lock+0x170/0x170 [ 424.178898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.178914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.178930] ? check_preemption_disabled+0x48/0x200 [ 424.178954] ? check_preemption_disabled+0x48/0x200 [ 424.178982] ? __lock_is_held+0xb5/0x140 [ 424.201332] ? lock_acquire+0x1ed/0x520 [ 424.212391] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 424.212416] ? lock_release+0x970/0x970 [ 424.212431] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 424.212451] ? kvm_arch_dev_ioctl+0x630/0x630 [ 424.249243] ? preempt_notifier_dec+0x20/0x20 [ 424.253768] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 424.253785] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 424.253816] kvm_vcpu_ioctl+0x72b/0x1150 [ 424.263666] ? kvm_vcpu_block+0x1030/0x1030 [ 424.263692] ? find_held_lock+0x36/0x1c0 [ 424.263719] ? __fget+0x4aa/0x740 [ 424.263738] ? check_preemption_disabled+0x48/0x200 [ 424.272110] ? kasan_check_read+0x11/0x20 [ 424.272130] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 424.272149] ? rcu_bh_qs+0xc0/0xc0 [ 424.272180] ? __fget+0x4d1/0x740 [ 424.272205] ? ksys_dup3+0x680/0x680 [ 424.279694] ? find_held_lock+0x36/0x1c0 [ 424.279723] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 424.279748] ? kvm_vcpu_block+0x1030/0x1030 [ 424.279772] do_vfs_ioctl+0x1de/0x1720 [ 424.301187] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 424.308976] ? ioctl_preallocate+0x300/0x300 [ 424.309000] ? selinux_file_mprotect+0x620/0x620 [ 424.309022] ? __sb_end_write+0xd9/0x110 [ 424.327344] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 424.327358] ? fput+0x130/0x1a0 [ 424.327379] ? do_syscall_64+0x9a/0x820 [ 424.336536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.336556] ? security_file_ioctl+0x94/0xc0 [ 424.336580] ksys_ioctl+0xa9/0xd0 [ 424.366783] __x64_sys_ioctl+0x73/0xb0 [ 424.370692] do_syscall_64+0x1b9/0x820 [ 424.374597] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 424.379988] ? syscall_return_slowpath+0x5e0/0x5e0 [ 424.384970] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.389830] ? trace_hardirqs_on_caller+0x310/0x310 [ 424.394862] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 424.399898] ? prepare_exit_to_usermode+0x291/0x3b0 [ 424.404952] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.409820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.415017] RIP: 0033:0x457679 [ 424.415035] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 424.415045] RSP: 002b:00007fed0de2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 424.415064] RAX: ffffffffffffffda RBX: 00007fed0de2f6d4 RCX: 0000000000457679 [ 424.415074] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 424.415084] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 19:00:11 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, 0xffffffffffffffff) tkill(r1, 0x1000000000015) 19:00:11 executing program 4: socket$inet6(0xa, 0x7, 0xffffffffffffffff) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:11 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x7ffff) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) [ 424.415094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 424.415108] R13: 00000000004d0078 R14: 00000000004c016d R15: 0000000000000004 19:00:11 executing program 5: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:11 executing program 4: socket$inet6(0xa, 0x7, 0xffffffffffffffff) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4b49, 0x0) 19:00:11 executing program 5: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:11 executing program 0 (fault-call:6 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:11 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 5: r0 = socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x80087601, 0x0) 19:00:12 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) tkill(0x0, 0x1000000000015) 19:00:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:00:12 executing program 5: socket$inet6(0xa, 0x7, 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x8) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x2, 0x0) 19:00:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) 19:00:12 executing program 5: socket$inet6(0xa, 0x7, 0xffffffffffffffff) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 19:00:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:12 executing program 5: socket$inet6(0xa, 0x7, 0xffffffffffffffff) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:13 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x0) 19:00:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 19:00:13 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 19:00:13 executing program 5: socket$inet6(0xa, 0x7, 0xffffffffffffffff) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:13 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/33, 0x21) r1 = gettid() r2 = dup2(r0, r0) ioctl$EVIOCSABS20(r2, 0x401845e0, &(0x7f0000000100)={0x0, 0x6, 0x0, 0x2, 0x5, 0x2}) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000280)={0x10001, 0x0, 0x4, 'queue1\x00', 0x7}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:00:13 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:13 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 19:00:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 19:00:13 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:13 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000080)={0x3511}, 0x4) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0xffffffb1) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x40087602, 0x0) 19:00:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 19:00:14 executing program 1: 19:00:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 1: 19:00:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x5450, 0x0) 19:00:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5460, 0x0) 19:00:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 1: 19:00:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x40049409, 0x0) 19:00:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000080)=0xff, 0x2) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 19:00:14 executing program 1: 19:00:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 19:00:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5451, 0x0) 19:00:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:15 executing program 1: 19:00:15 executing program 1: 19:00:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 19:00:15 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = dup3(r2, r0, 0x0) r4 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x10000000002000) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) fstat(r0, &(0x7f00000000c0)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:15 executing program 4 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:15 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:15 executing program 1 (fault-call:3 fault-nth:0): r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 19:00:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x5421, 0x0) [ 428.352171] FAULT_INJECTION: forcing a failure. [ 428.352171] name failslab, interval 1, probability 0, space 0, times 0 19:00:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x80087601, 0x0) [ 428.442089] CPU: 1 PID: 17404 Comm: syz-executor4 Not tainted 4.19.0-rc4+ #27 [ 428.449415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.459006] Call Trace: [ 428.461632] dump_stack+0x1c4/0x2b4 [ 428.465305] ? dump_stack_print_info.cold.2+0x52/0x52 [ 428.470557] should_fail.cold.4+0xa/0x17 [ 428.470591] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 428.479758] ? graph_lock+0x170/0x170 [ 428.483584] ? perf_trace_lock_acquire+0x501/0x800 [ 428.488568] ? perf_trace_lock+0x7a0/0x7a0 [ 428.492843] ? find_held_lock+0x36/0x1c0 [ 428.496987] ? ___might_sleep+0x1ed/0x300 [ 428.501163] ? arch_local_save_flags+0x40/0x40 [ 428.505773] ? rcu_bh_qs+0xc0/0xc0 [ 428.509352] __should_failslab+0x124/0x180 [ 428.509380] should_failslab+0x9/0x14 [ 428.509407] kmem_cache_alloc_node+0x26e/0x730 [ 428.517445] ? avc_has_perm_noaudit+0x630/0x630 [ 428.517558] __alloc_skb+0x119/0x770 [ 428.530466] ? skb_scrub_packet+0x490/0x490 [ 428.534802] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 428.540361] ? _copy_from_user+0xdf/0x150 [ 428.544534] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 428.549568] ? rw_copy_check_uvector+0x310/0x3e0 [ 428.554362] ? sock_has_perm+0x2bc/0x3e0 [ 428.558444] ? selinux_secmark_relabel_packet+0xe0/0xe0 [ 428.563839] ? dup_iter+0x1e2/0x270 [ 428.567563] pfkey_sendmsg+0x263/0xfb0 [ 428.571500] ? pfkey_spdget+0xb20/0xb20 [ 428.575503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.581058] ? security_socket_sendmsg+0x94/0xc0 [ 428.586361] ? pfkey_spdget+0xb20/0xb20 [ 428.590393] sock_sendmsg+0xd5/0x120 [ 428.594132] ___sys_sendmsg+0x7fd/0x930 [ 428.598118] ? find_held_lock+0x36/0x1c0 [ 428.602209] ? copy_msghdr_from_user+0x580/0x580 [ 428.607005] ? lock_downgrade+0x900/0x900 [ 428.611180] ? proc_fail_nth_write+0x9e/0x210 [ 428.615704] ? __fget_light+0x2e9/0x430 [ 428.619701] ? fget_raw+0x20/0x20 [ 428.623183] ? kasan_check_write+0x14/0x20 [ 428.627433] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 428.632399] ? wait_for_completion+0x8a0/0x8a0 [ 428.637020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 428.642576] ? sockfd_lookup_light+0xc5/0x160 [ 428.647099] __sys_sendmsg+0x11d/0x280 [ 428.651014] ? __ia32_sys_shutdown+0x80/0x80 [ 428.655440] ? __sb_end_write+0xd9/0x110 [ 428.659536] ? fput+0x130/0x1a0 [ 428.662848] ? do_syscall_64+0x9a/0x820 [ 428.666843] ? do_syscall_64+0x9a/0x820 [ 428.670855] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 428.676342] __x64_sys_sendmsg+0x78/0xb0 [ 428.680430] do_syscall_64+0x1b9/0x820 [ 428.684338] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 428.689725] ? syscall_return_slowpath+0x5e0/0x5e0 [ 428.694687] ? trace_hardirqs_on_caller+0x310/0x310 [ 428.699725] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 428.704753] ? recalc_sigpending_tsk+0x180/0x180 [ 428.709531] ? kasan_check_write+0x14/0x20 [ 428.713796] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.718680] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.723892] RIP: 0033:0x457679 19:00:15 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:15 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5421, 0x0) [ 428.727099] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 428.746011] RSP: 002b:00007f57ff800c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 428.753742] RAX: ffffffffffffffda RBX: 00007f57ff8016d4 RCX: 0000000000457679 [ 428.761026] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 428.768307] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 428.775587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 428.782870] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000000 19:00:16 executing program 4 (fault-call:2 fault-nth:1): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:16 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) [ 428.915517] FAULT_INJECTION: forcing a failure. [ 428.915517] name failslab, interval 1, probability 0, space 0, times 0 [ 428.975828] CPU: 1 PID: 17424 Comm: syz-executor4 Not tainted 4.19.0-rc4+ #27 [ 428.983151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.992525] Call Trace: [ 428.995145] dump_stack+0x1c4/0x2b4 [ 428.998818] ? dump_stack_print_info.cold.2+0x52/0x52 [ 429.004058] should_fail.cold.4+0xa/0x17 [ 429.004087] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 429.013258] ? graph_lock+0x170/0x170 [ 429.013293] ? save_stack+0xa9/0xd0 [ 429.020712] ? kasan_kmalloc+0xc7/0xe0 [ 429.024638] ? find_held_lock+0x36/0x1c0 [ 429.028768] ? ___might_sleep+0x1ed/0x300 [ 429.032962] ? arch_local_save_flags+0x40/0x40 [ 429.037579] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.043167] __should_failslab+0x124/0x180 [ 429.047437] should_failslab+0x9/0x14 [ 429.051272] kmem_cache_alloc_node_trace+0x270/0x740 [ 429.056430] __kmalloc_node_track_caller+0x33/0x70 [ 429.061414] __kmalloc_reserve.isra.39+0x41/0xe0 [ 429.066215] __alloc_skb+0x155/0x770 [ 429.069984] ? skb_scrub_packet+0x490/0x490 [ 429.074344] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 429.079912] ? _copy_from_user+0xdf/0x150 [ 429.084107] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 429.089152] ? rw_copy_check_uvector+0x310/0x3e0 [ 429.093955] ? sock_has_perm+0x2bc/0x3e0 [ 429.098099] ? selinux_secmark_relabel_packet+0xe0/0xe0 [ 429.103490] ? dup_iter+0x1e2/0x270 [ 429.107148] pfkey_sendmsg+0x263/0xfb0 [ 429.111078] ? pfkey_spdget+0xb20/0xb20 [ 429.115078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.120632] ? security_socket_sendmsg+0x94/0xc0 [ 429.125409] ? pfkey_spdget+0xb20/0xb20 [ 429.129417] sock_sendmsg+0xd5/0x120 [ 429.133161] ___sys_sendmsg+0x7fd/0x930 [ 429.137156] ? find_held_lock+0x36/0x1c0 [ 429.141250] ? copy_msghdr_from_user+0x580/0x580 [ 429.146036] ? lock_downgrade+0x900/0x900 [ 429.150212] ? proc_fail_nth_write+0x9e/0x210 [ 429.154745] ? __fget_light+0x2e9/0x430 [ 429.158747] ? fget_raw+0x20/0x20 [ 429.162237] ? kasan_check_write+0x14/0x20 [ 429.166498] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 429.171464] ? wait_for_completion+0x8a0/0x8a0 [ 429.176101] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 429.181666] ? sockfd_lookup_light+0xc5/0x160 [ 429.186234] __sys_sendmsg+0x11d/0x280 [ 429.190148] ? __ia32_sys_shutdown+0x80/0x80 [ 429.194583] ? __sb_end_write+0xd9/0x110 [ 429.198681] ? fput+0x130/0x1a0 [ 429.201996] ? do_syscall_64+0x9a/0x820 [ 429.205991] ? do_syscall_64+0x9a/0x820 [ 429.210017] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 429.215512] __x64_sys_sendmsg+0x78/0xb0 [ 429.219601] do_syscall_64+0x1b9/0x820 [ 429.223507] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 429.228915] ? syscall_return_slowpath+0x5e0/0x5e0 [ 429.233898] ? trace_hardirqs_on_caller+0x310/0x310 [ 429.238938] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 429.244000] ? recalc_sigpending_tsk+0x180/0x180 [ 429.248781] ? kasan_check_write+0x14/0x20 [ 429.253067] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.257957] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.263170] RIP: 0033:0x457679 [ 429.266385] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.285304] RSP: 002b:00007f57ff800c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 429.293043] RAX: ffffffffffffffda RBX: 00007f57ff8016d4 RCX: 0000000000457679 [ 429.300328] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 429.307613] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 429.315682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 429.322972] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000001 19:00:17 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$RTC_EPOCH_READ(r3, 0x8008700d, &(0x7f00000000c0)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x40086602, 0x0) 19:00:17 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x8) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5450, 0x0) 19:00:17 executing program 4 (fault-call:2 fault-nth:2): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) [ 429.926639] FAULT_INJECTION: forcing a failure. [ 429.926639] name failslab, interval 1, probability 0, space 0, times 0 [ 429.973007] CPU: 0 PID: 17450 Comm: syz-executor4 Not tainted 4.19.0-rc4+ #27 [ 429.980327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.980345] Call Trace: [ 429.980373] dump_stack+0x1c4/0x2b4 [ 429.980407] ? dump_stack_print_info.cold.2+0x52/0x52 [ 429.980468] should_fail.cold.4+0xa/0x17 [ 429.992402] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 429.992430] ? is_bpf_text_address+0xd3/0x170 [ 429.992458] ? graph_lock+0x170/0x170 [ 430.018727] ? graph_lock+0x170/0x170 [ 430.022574] ? find_held_lock+0x36/0x1c0 [ 430.026659] ? __lock_is_held+0xb5/0x140 [ 430.030763] ? ___might_sleep+0x1ed/0x300 [ 430.034933] ? arch_local_save_flags+0x40/0x40 [ 430.039553] ? pfkey_sendmsg+0x5d3/0xfb0 [ 430.043655] __should_failslab+0x124/0x180 [ 430.047914] should_failslab+0x9/0x14 [ 430.051746] kmem_cache_alloc+0x2be/0x730 [ 430.055969] skb_clone+0x1bb/0x500 [ 430.059533] ? skb_split+0x11e0/0x11e0 [ 430.063444] ? __might_fault+0x12b/0x1e0 [ 430.067523] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 430.072572] ? arch_local_save_flags+0x40/0x40 [ 430.077182] pfkey_process+0xc1/0x9a0 [ 430.081245] ? iov_iter_npages+0xe80/0xe80 [ 430.085501] ? pfkey_send_new_mapping+0x1260/0x1260 [ 430.090535] ? copyin+0xb7/0x100 [ 430.093928] ? _copy_from_iter_full+0x2b3/0xd20 [ 430.098629] ? rw_copy_check_uvector+0x310/0x3e0 [ 430.103418] ? iov_iter_advance+0x1460/0x1460 [ 430.107924] ? sock_has_perm+0x2bc/0x3e0 [ 430.112047] pfkey_sendmsg+0x5e5/0xfb0 [ 430.115984] ? pfkey_spdget+0xb20/0xb20 [ 430.119995] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.125551] ? security_socket_sendmsg+0x94/0xc0 [ 430.130325] ? pfkey_spdget+0xb20/0xb20 [ 430.134320] sock_sendmsg+0xd5/0x120 [ 430.138055] ___sys_sendmsg+0x7fd/0x930 [ 430.142044] ? find_held_lock+0x36/0x1c0 [ 430.146134] ? copy_msghdr_from_user+0x580/0x580 [ 430.150915] ? lock_downgrade+0x900/0x900 [ 430.155101] ? proc_fail_nth_write+0x9e/0x210 [ 430.159625] ? __fget_light+0x2e9/0x430 [ 430.163621] ? fget_raw+0x20/0x20 [ 430.167105] ? kasan_check_write+0x14/0x20 [ 430.171358] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 430.176317] ? wait_for_completion+0x8a0/0x8a0 [ 430.180939] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.186511] ? sockfd_lookup_light+0xc5/0x160 [ 430.191030] __sys_sendmsg+0x11d/0x280 [ 430.194943] ? __ia32_sys_shutdown+0x80/0x80 [ 430.199380] ? __sb_end_write+0xd9/0x110 [ 430.203467] ? fput+0x130/0x1a0 [ 430.206765] ? do_syscall_64+0x9a/0x820 [ 430.210756] ? do_syscall_64+0x9a/0x820 [ 430.214769] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 430.220253] __x64_sys_sendmsg+0x78/0xb0 [ 430.224334] do_syscall_64+0x1b9/0x820 [ 430.228238] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 430.233627] ? syscall_return_slowpath+0x5e0/0x5e0 [ 430.238578] ? trace_hardirqs_on_caller+0x310/0x310 [ 430.243616] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 430.248649] ? recalc_sigpending_tsk+0x180/0x180 [ 430.253421] ? kasan_check_write+0x14/0x20 [ 430.257687] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.262560] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.267765] RIP: 0033:0x457679 [ 430.270986] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.289904] RSP: 002b:00007f57ff800c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 430.297646] RAX: ffffffffffffffda RBX: 00007f57ff8016d4 RCX: 0000000000457679 [ 430.304928] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 430.312221] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 19:00:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x541b, 0x0) [ 430.319501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 430.326782] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000002 19:00:17 executing program 5 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:17 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2000016b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 430.515353] FAULT_INJECTION: forcing a failure. [ 430.515353] name failslab, interval 1, probability 0, space 0, times 0 [ 430.544747] CPU: 0 PID: 17465 Comm: syz-executor5 Not tainted 4.19.0-rc4+ #27 [ 430.552080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.552092] Call Trace: [ 430.552120] dump_stack+0x1c4/0x2b4 [ 430.552151] ? dump_stack_print_info.cold.2+0x52/0x52 [ 430.552204] should_fail.cold.4+0xa/0x17 [ 430.552238] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 430.552276] ? graph_lock+0x170/0x170 [ 430.552295] ? perf_trace_lock_acquire+0x501/0x800 [ 430.552346] ? perf_trace_lock+0x7a0/0x7a0 [ 430.595378] ? find_held_lock+0x36/0x1c0 [ 430.599499] ? ___might_sleep+0x1ed/0x300 [ 430.603669] ? arch_local_save_flags+0x40/0x40 [ 430.608272] ? rcu_bh_qs+0xc0/0xc0 [ 430.611854] __should_failslab+0x124/0x180 [ 430.616111] should_failslab+0x9/0x14 [ 430.619933] kmem_cache_alloc_node+0x26e/0x730 [ 430.624567] ? avc_has_perm_noaudit+0x630/0x630 [ 430.629282] __alloc_skb+0x119/0x770 [ 430.633024] ? skb_scrub_packet+0x490/0x490 [ 430.637365] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.642919] ? _copy_from_user+0xdf/0x150 [ 430.647104] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 430.652141] ? rw_copy_check_uvector+0x310/0x3e0 [ 430.656937] ? sock_has_perm+0x2bc/0x3e0 [ 430.661038] ? selinux_secmark_relabel_packet+0xe0/0xe0 [ 430.666417] ? dup_iter+0x1e2/0x270 [ 430.670077] pfkey_sendmsg+0x263/0xfb0 [ 430.674014] ? pfkey_spdget+0xb20/0xb20 [ 430.678030] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.683582] ? security_socket_sendmsg+0x94/0xc0 [ 430.688360] ? pfkey_spdget+0xb20/0xb20 [ 430.692356] sock_sendmsg+0xd5/0x120 [ 430.696125] ___sys_sendmsg+0x7fd/0x930 [ 430.700124] ? find_held_lock+0x36/0x1c0 [ 430.704225] ? copy_msghdr_from_user+0x580/0x580 [ 430.709015] ? lock_downgrade+0x900/0x900 [ 430.713191] ? proc_fail_nth_write+0x9e/0x210 [ 430.717715] ? __fget_light+0x2e9/0x430 [ 430.721710] ? fget_raw+0x20/0x20 [ 430.725196] ? kasan_check_write+0x14/0x20 [ 430.729454] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 430.734411] ? wait_for_completion+0x8a0/0x8a0 [ 430.739036] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.744590] ? sockfd_lookup_light+0xc5/0x160 [ 430.749112] __sys_sendmsg+0x11d/0x280 [ 430.753023] ? __ia32_sys_shutdown+0x80/0x80 [ 430.757445] ? __sb_end_write+0xd9/0x110 [ 430.761535] ? fput+0x130/0x1a0 [ 430.764829] ? do_syscall_64+0x9a/0x820 [ 430.768817] ? do_syscall_64+0x9a/0x820 [ 430.772826] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 430.778310] __x64_sys_sendmsg+0x78/0xb0 [ 430.782397] do_syscall_64+0x1b9/0x820 [ 430.786301] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 430.791684] ? syscall_return_slowpath+0x5e0/0x5e0 [ 430.796636] ? trace_hardirqs_on_caller+0x310/0x310 [ 430.801672] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 430.806705] ? recalc_sigpending_tsk+0x180/0x180 [ 430.811484] ? kasan_check_write+0x14/0x20 [ 430.815756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.820636] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.825839] RIP: 0033:0x457679 [ 430.829048] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.847977] RSP: 002b:00007f45f4ccbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 430.855717] RAX: ffffffffffffffda RBX: 00007f45f4ccc6d4 RCX: 0000000000457679 19:00:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5452, 0x0) [ 430.863000] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 430.870284] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 430.877564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 430.884847] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000000 19:00:18 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) 19:00:18 executing program 5 (fault-call:2 fault-nth:1): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 19:00:18 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r2, 0xc010641d, &(0x7f00000000c0)={r3, &(0x7f0000000280)=""/141}) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:18 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x3f000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:18 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x784, 0x60000) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = syz_open_procfs(r1, &(0x7f00000001c0)='net/ip_mr_cache\x00') read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x80000000, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) getpeername$llc(r3, &(0x7f0000000280)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000002c0)=0x10) r4 = dup2(r0, r2) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r4, 0xc0a85322, &(0x7f0000000080)) tkill(r1, 0x1000000000015) 19:00:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x80086601, 0x0) [ 431.349177] FAULT_INJECTION: forcing a failure. [ 431.349177] name failslab, interval 1, probability 0, space 0, times 0 [ 431.362095] CPU: 1 PID: 17504 Comm: syz-executor5 Not tainted 4.19.0-rc4+ #27 [ 431.369399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.378766] Call Trace: [ 431.381381] dump_stack+0x1c4/0x2b4 [ 431.385035] ? dump_stack_print_info.cold.2+0x52/0x52 [ 431.390271] should_fail.cold.4+0xa/0x17 [ 431.394359] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 431.399497] ? graph_lock+0x170/0x170 [ 431.403326] ? save_stack+0xa9/0xd0 [ 431.406979] ? kasan_kmalloc+0xc7/0xe0 [ 431.410893] ? find_held_lock+0x36/0x1c0 [ 431.415021] ? ___might_sleep+0x1ed/0x300 [ 431.419194] ? arch_local_save_flags+0x40/0x40 [ 431.423793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.429368] __should_failslab+0x124/0x180 [ 431.433628] should_failslab+0x9/0x14 [ 431.437446] kmem_cache_alloc_node_trace+0x270/0x740 [ 431.442599] __kmalloc_node_track_caller+0x33/0x70 [ 431.447551] __kmalloc_reserve.isra.39+0x41/0xe0 [ 431.452338] __alloc_skb+0x155/0x770 [ 431.456080] ? skb_scrub_packet+0x490/0x490 [ 431.460431] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 431.465996] ? _copy_from_user+0xdf/0x150 [ 431.470168] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 431.475200] ? rw_copy_check_uvector+0x310/0x3e0 [ 431.480002] ? sock_has_perm+0x2bc/0x3e0 [ 431.484085] ? selinux_secmark_relabel_packet+0xe0/0xe0 [ 431.489470] ? dup_iter+0x1e2/0x270 [ 431.493126] pfkey_sendmsg+0x263/0xfb0 [ 431.497052] ? pfkey_spdget+0xb20/0xb20 [ 431.501053] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.506603] ? security_socket_sendmsg+0x94/0xc0 [ 431.511373] ? pfkey_spdget+0xb20/0xb20 [ 431.515373] sock_sendmsg+0xd5/0x120 [ 431.519114] ___sys_sendmsg+0x7fd/0x930 [ 431.523099] ? find_held_lock+0x36/0x1c0 [ 431.527193] ? copy_msghdr_from_user+0x580/0x580 [ 431.531978] ? lock_downgrade+0x900/0x900 [ 431.536153] ? proc_fail_nth_write+0x9e/0x210 [ 431.540676] ? __fget_light+0x2e9/0x430 [ 431.544670] ? fget_raw+0x20/0x20 [ 431.548152] ? kasan_check_write+0x14/0x20 [ 431.552409] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 431.557366] ? wait_for_completion+0x8a0/0x8a0 [ 431.561995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 431.567553] ? sockfd_lookup_light+0xc5/0x160 [ 431.572077] __sys_sendmsg+0x11d/0x280 [ 431.575991] ? __ia32_sys_shutdown+0x80/0x80 [ 431.580419] ? __sb_end_write+0xd9/0x110 [ 431.584972] ? fput+0x130/0x1a0 [ 431.588274] ? do_syscall_64+0x9a/0x820 [ 431.592262] ? do_syscall_64+0x9a/0x820 [ 431.596276] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 431.601756] __x64_sys_sendmsg+0x78/0xb0 [ 431.605838] do_syscall_64+0x1b9/0x820 [ 431.609743] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 431.615124] ? syscall_return_slowpath+0x5e0/0x5e0 [ 431.620073] ? trace_hardirqs_on_caller+0x310/0x310 [ 431.625104] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 431.630152] ? recalc_sigpending_tsk+0x180/0x180 [ 431.634929] ? kasan_check_write+0x14/0x20 [ 431.639203] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.644076] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 431.649279] RIP: 0033:0x457679 [ 431.652491] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 431.671402] RSP: 002b:00007f45f4ccbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 431.679133] RAX: ffffffffffffffda RBX: 00007f45f4ccc6d4 RCX: 0000000000457679 [ 431.686411] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 431.693695] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 431.700980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 431.708260] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000001 19:00:18 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r1, r0, 0x0, 0x14, &(0x7f00000000c0)='posix_acl_access^@^\x00', 0xffffffffffffffff}, 0x30) dup2(r2, r2) setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x3}, 0x8) tkill(r1, 0x17) 19:00:18 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0xffffff7f, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:19 executing program 5 (fault-call:2 fault-nth:2): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 19:00:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x40086602, 0x0) [ 431.924769] FAULT_INJECTION: forcing a failure. [ 431.924769] name failslab, interval 1, probability 0, space 0, times 0 [ 431.937393] CPU: 0 PID: 17524 Comm: syz-executor5 Not tainted 4.19.0-rc4+ #27 [ 431.944711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.954076] Call Trace: [ 431.956683] dump_stack+0x1c4/0x2b4 [ 431.960344] ? dump_stack_print_info.cold.2+0x52/0x52 [ 431.965581] should_fail.cold.4+0xa/0x17 [ 431.969671] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 431.974798] ? is_bpf_text_address+0xd3/0x170 [ 431.979318] ? graph_lock+0x170/0x170 [ 431.983147] ? graph_lock+0x170/0x170 [ 431.986998] ? find_held_lock+0x36/0x1c0 [ 431.991088] ? __lock_is_held+0xb5/0x140 [ 431.995194] ? ___might_sleep+0x1ed/0x300 [ 431.999365] ? arch_local_save_flags+0x40/0x40 [ 432.003985] ? pfkey_sendmsg+0x5d3/0xfb0 [ 432.008084] __should_failslab+0x124/0x180 [ 432.012343] should_failslab+0x9/0x14 [ 432.016161] kmem_cache_alloc+0x2be/0x730 [ 432.020351] skb_clone+0x1bb/0x500 [ 432.023914] ? skb_split+0x11e0/0x11e0 [ 432.027838] ? __might_fault+0x12b/0x1e0 [ 432.031923] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 432.036992] ? arch_local_save_flags+0x40/0x40 [ 432.041603] pfkey_process+0xc1/0x9a0 [ 432.045422] ? iov_iter_npages+0xe80/0xe80 [ 432.049766] ? pfkey_send_new_mapping+0x1260/0x1260 [ 432.054798] ? copyin+0xb7/0x100 [ 432.058194] ? _copy_from_iter_full+0x2b3/0xd20 [ 432.062881] ? rw_copy_check_uvector+0x310/0x3e0 [ 432.067673] ? iov_iter_advance+0x1460/0x1460 [ 432.072182] ? sock_has_perm+0x2bc/0x3e0 [ 432.076285] pfkey_sendmsg+0x5e5/0xfb0 [ 432.080208] ? pfkey_spdget+0xb20/0xb20 [ 432.084206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.089756] ? security_socket_sendmsg+0x94/0xc0 [ 432.094530] ? pfkey_spdget+0xb20/0xb20 [ 432.098531] sock_sendmsg+0xd5/0x120 [ 432.102268] ___sys_sendmsg+0x7fd/0x930 [ 432.106259] ? find_held_lock+0x36/0x1c0 [ 432.110349] ? copy_msghdr_from_user+0x580/0x580 [ 432.115126] ? lock_downgrade+0x900/0x900 [ 432.119302] ? proc_fail_nth_write+0x9e/0x210 [ 432.123827] ? __fget_light+0x2e9/0x430 [ 432.127822] ? fget_raw+0x20/0x20 [ 432.131305] ? kasan_check_write+0x14/0x20 [ 432.135561] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 432.140520] ? wait_for_completion+0x8a0/0x8a0 [ 432.145141] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.150697] ? sockfd_lookup_light+0xc5/0x160 [ 432.155216] __sys_sendmsg+0x11d/0x280 [ 432.159127] ? __ia32_sys_shutdown+0x80/0x80 [ 432.163553] ? __sb_end_write+0xd9/0x110 [ 432.167642] ? fput+0x130/0x1a0 [ 432.170939] ? do_syscall_64+0x9a/0x820 [ 432.174941] ? do_syscall_64+0x9a/0x820 [ 432.178982] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 432.184468] __x64_sys_sendmsg+0x78/0xb0 [ 432.188552] do_syscall_64+0x1b9/0x820 [ 432.192456] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 432.197840] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.202789] ? trace_hardirqs_on_caller+0x310/0x310 [ 432.207826] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 432.212855] ? recalc_sigpending_tsk+0x180/0x180 [ 432.217633] ? kasan_check_write+0x14/0x20 [ 432.221898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.226772] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 432.231988] RIP: 0033:0x457679 [ 432.235197] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 432.254111] RSP: 002b:00007f45f4ccbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 432.261841] RAX: ffffffffffffffda RBX: 00007f45f4ccc6d4 RCX: 0000000000457679 [ 432.269123] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 432.276404] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 432.283684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 432.290976] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000002 19:00:19 executing program 5 (fault-call:2 fault-nth:3): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:19 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x1000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) 19:00:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 432.531119] FAULT_INJECTION: forcing a failure. [ 432.531119] name failslab, interval 1, probability 0, space 0, times 0 [ 432.564878] CPU: 1 PID: 17542 Comm: syz-executor5 Not tainted 4.19.0-rc4+ #27 [ 432.572220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.572232] Call Trace: [ 432.572260] dump_stack+0x1c4/0x2b4 [ 432.572292] ? dump_stack_print_info.cold.2+0x52/0x52 [ 432.572346] should_fail.cold.4+0xa/0x17 [ 432.572382] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 432.572422] ? graph_lock+0x170/0x170 [ 432.572451] ? kasan_check_write+0x14/0x20 [ 432.572492] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 432.584889] ? rcu_read_lock_sched_held+0x108/0x120 [ 432.584922] ? wait_for_completion+0x8a0/0x8a0 [ 432.584968] ? find_held_lock+0x36/0x1c0 [ 432.585027] ? ___might_sleep+0x1ed/0x300 [ 432.633694] ? arch_local_save_flags+0x40/0x40 [ 432.638297] ? pfkey_sendmsg+0x612/0xfb0 [ 432.642378] ? lock_downgrade+0x900/0x900 [ 432.646559] __should_failslab+0x124/0x180 [ 432.650817] should_failslab+0x9/0x14 [ 432.654633] kmem_cache_alloc_node+0x26e/0x730 [ 432.659234] ? pfkey_dump+0x56e/0x6d0 [ 432.663070] __alloc_skb+0x119/0x770 [ 432.666815] ? skb_scrub_packet+0x490/0x490 [ 432.671309] pfkey_sendmsg+0x665/0xfb0 [ 432.675231] ? pfkey_spdget+0xb20/0xb20 [ 432.679230] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.684781] ? security_socket_sendmsg+0x94/0xc0 [ 432.689556] ? pfkey_spdget+0xb20/0xb20 [ 432.693552] sock_sendmsg+0xd5/0x120 [ 432.697306] ___sys_sendmsg+0x7fd/0x930 [ 432.701312] ? find_held_lock+0x36/0x1c0 [ 432.705412] ? copy_msghdr_from_user+0x580/0x580 [ 432.710217] ? lock_downgrade+0x900/0x900 [ 432.714400] ? proc_fail_nth_write+0x9e/0x210 [ 432.718926] ? __fget_light+0x2e9/0x430 [ 432.722930] ? fget_raw+0x20/0x20 [ 432.726423] ? kasan_check_write+0x14/0x20 [ 432.730692] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 432.735653] ? wait_for_completion+0x8a0/0x8a0 [ 432.740275] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.745828] ? sockfd_lookup_light+0xc5/0x160 [ 432.750351] __sys_sendmsg+0x11d/0x280 [ 432.754277] ? __ia32_sys_shutdown+0x80/0x80 [ 432.758703] ? __sb_end_write+0xd9/0x110 [ 432.762791] ? fput+0x130/0x1a0 [ 432.766086] ? do_syscall_64+0x9a/0x820 [ 432.770074] ? do_syscall_64+0x9a/0x820 [ 432.774088] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 432.779577] __x64_sys_sendmsg+0x78/0xb0 [ 432.783664] do_syscall_64+0x1b9/0x820 [ 432.787571] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 432.792965] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.797920] ? trace_hardirqs_on_caller+0x310/0x310 [ 432.802983] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 432.808015] ? recalc_sigpending_tsk+0x180/0x180 [ 432.812789] ? kasan_check_write+0x14/0x20 [ 432.817052] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.821927] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 432.827141] RIP: 0033:0x457679 [ 432.830350] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 432.849283] RSP: 002b:00007f45f4ccbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 432.857017] RAX: ffffffffffffffda RBX: 00007f45f4ccc6d4 RCX: 0000000000457679 [ 432.864297] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 432.871577] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 432.878861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 432.886144] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000003 19:00:20 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000080)={0x1, 0x0, [{}]}) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x2, 0x0) 19:00:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:22 executing program 5 (fault-call:2 fault-nth:4): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) 19:00:22 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f00000000c0)='./file0\x00', 0x5, 0x5, &(0x7f0000000440)=[{&(0x7f0000000100)="e922", 0x2, 0x40}, {&(0x7f0000000180)="ec36d5b4e4e4b4c71a", 0x9, 0x200}, {&(0x7f0000000280)="058342c8dc347fe57b7191cd38942b0834619932f06867e9604987ca3b259f2a9453adeb3c7a29a7b63e064afdd4c45cfd25ac81f38164033c329a4bbcf883f2b082429bd9b4", 0x46, 0x29}, {&(0x7f0000000300)="23210cf261960a28e84f3ab94718e6b5822010044f84ae55af3a4a979c65b767a5715c4d55ebfeec69754cf4992496f0d43d2b892a6920a0b56eefb1645376a073fe0df0ede232210058", 0x4a, 0xc}, {&(0x7f0000000380)="5f1843040be0e67609744f25f3940d66c879edd5e0c0dd0e0a3c25587bba1be367678ced7a54f9ed54e2b4e1357a302b02599ad859560fd9bd8509300108dfb530a8121c020ec71ae86b0c38ea7869c473cbbaf55c45dffdf6b41b256bb238f96098f788d2e0d6de146e0a1ab9b11633d9a4a1acd0687b9580871fe4605903596a985d30bc9e3a3d17a44124b3789e21356bebe740f4d929f184fe0a39492ea9f00c0628885bc8ae265f953d1a820862ecbd9cf209df0e70941bcce9f407ef79", 0xc0, 0x5}], 0x60002, &(0x7f00000001c0)={[{@force='force'}, {@umask={'umask', 0x3d, 0x6}}]}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:22 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) getresuid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) [ 435.434540] FAULT_INJECTION: forcing a failure. [ 435.434540] name failslab, interval 1, probability 0, space 0, times 0 [ 435.459101] CPU: 1 PID: 17571 Comm: syz-executor5 Not tainted 4.19.0-rc4+ #27 [ 435.466427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.475802] Call Trace: [ 435.478415] dump_stack+0x1c4/0x2b4 [ 435.482073] ? dump_stack_print_info.cold.2+0x52/0x52 [ 435.487318] should_fail.cold.4+0xa/0x17 [ 435.491411] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 435.496549] ? graph_lock+0x170/0x170 [ 435.500383] ? save_stack+0xa9/0xd0 [ 435.504029] ? kasan_kmalloc+0xc7/0xe0 [ 435.507945] ? find_held_lock+0x36/0x1c0 [ 435.512073] ? ___might_sleep+0x1ed/0x300 [ 435.516243] ? arch_local_save_flags+0x40/0x40 [ 435.520844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.526421] __should_failslab+0x124/0x180 [ 435.530685] should_failslab+0x9/0x14 [ 435.534507] kmem_cache_alloc_node_trace+0x270/0x740 [ 435.539658] __kmalloc_node_track_caller+0x33/0x70 [ 435.544615] __kmalloc_reserve.isra.39+0x41/0xe0 [ 435.549398] __alloc_skb+0x155/0x770 [ 435.553140] ? skb_scrub_packet+0x490/0x490 [ 435.557548] pfkey_sendmsg+0x665/0xfb0 [ 435.561479] ? pfkey_spdget+0xb20/0xb20 [ 435.565482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.571034] ? security_socket_sendmsg+0x94/0xc0 [ 435.575806] ? pfkey_spdget+0xb20/0xb20 [ 435.579803] sock_sendmsg+0xd5/0x120 [ 435.584012] ___sys_sendmsg+0x7fd/0x930 [ 435.588001] ? find_held_lock+0x36/0x1c0 [ 435.592092] ? copy_msghdr_from_user+0x580/0x580 [ 435.596868] ? lock_downgrade+0x900/0x900 [ 435.601045] ? proc_fail_nth_write+0x9e/0x210 [ 435.605571] ? __fget_light+0x2e9/0x430 [ 435.609565] ? fget_raw+0x20/0x20 [ 435.613047] ? kasan_check_write+0x14/0x20 [ 435.617302] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 435.622257] ? wait_for_completion+0x8a0/0x8a0 [ 435.626879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 435.632433] ? sockfd_lookup_light+0xc5/0x160 [ 435.636962] __sys_sendmsg+0x11d/0x280 [ 435.640879] ? __ia32_sys_shutdown+0x80/0x80 [ 435.645302] ? __sb_end_write+0xd9/0x110 [ 435.649391] ? fput+0x130/0x1a0 [ 435.652685] ? do_syscall_64+0x9a/0x820 [ 435.656673] ? do_syscall_64+0x9a/0x820 [ 435.660684] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 435.666165] __x64_sys_sendmsg+0x78/0xb0 [ 435.670249] do_syscall_64+0x1b9/0x820 [ 435.674149] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 435.679536] ? syscall_return_slowpath+0x5e0/0x5e0 [ 435.684494] ? trace_hardirqs_on_caller+0x310/0x310 [ 435.689527] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 435.694559] ? recalc_sigpending_tsk+0x180/0x180 [ 435.699335] ? kasan_check_write+0x14/0x20 [ 435.703599] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.708483] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.713686] RIP: 0033:0x457679 [ 435.716893] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.735810] RSP: 002b:00007f45f4ccbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 435.743591] RAX: ffffffffffffffda RBX: 00007f45f4ccc6d4 RCX: 0000000000457679 [ 435.750871] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 435.758155] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 435.765433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 435.772720] R13: 00000000004d5490 R14: 00000000004c3871 R15: 0000000000000004 19:00:23 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x100000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 5 (fault-call:2 fault-nth:5): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 19:00:23 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair(0x0, 0x5, 0x51, &(0x7f00000012c0)={0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f0000001300)=0x100, 0x4) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) tkill(r1, 0x1000000000015) sendmsg$rds(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/225, 0xe1}, {&(0x7f0000000080)=""/3, 0x3}, {&(0x7f0000000380)=""/218, 0xda}, {&(0x7f0000000480)=""/215, 0xd7}, {&(0x7f0000000580)=""/250, 0xfa}, {&(0x7f0000000680)=""/132, 0x84}, {&(0x7f0000000740)=""/156, 0x9c}, {&(0x7f0000000800)=""/202, 0xca}], 0x8, &(0x7f0000001000)=[@zcopy_cookie={0x18}, @rdma_args={0x48, 0x114, 0x1, {{0x5, 0x3}, {&(0x7f0000000180)=""/80, 0x50}, &(0x7f0000000a40)=[{&(0x7f0000000900)=""/95, 0x5f}, {&(0x7f0000000980)=""/120, 0x78}, {&(0x7f0000000a00)=""/63, 0x3f}], 0x3, 0x2, 0x40}}, @zcopy_cookie={0x18, 0x114, 0xc, 0x800}, @rdma_args={0x48, 0x114, 0x1, {{0x8, 0xb5}, {&(0x7f0000000a80)=""/87, 0x57}, &(0x7f0000000b80)=[{&(0x7f0000000b00)=""/105, 0x69}], 0x1, 0x20, 0x7ef}}, @mask_cswp={0x58, 0x114, 0x9, {{0x3, 0x81}, &(0x7f0000000bc0)=0x9, &(0x7f0000000c00)=0x6, 0x9e2, 0x4, 0x5, 0x1, 0x68, 0x7}}, @rdma_dest={0x18, 0x114, 0x2, {0x7fffffff, 0x100}}, @cswp={0x58, 0x114, 0x7, {{0xfffffffffffffff8, 0x3f}, &(0x7f0000000c40)=0x1fc, &(0x7f0000000c80)=0x4, 0x5, 0x5, 0x9, 0x1, 0x8, 0xd95}}, @mask_fadd={0x58, 0x114, 0x8, {{0x401, 0x40}, &(0x7f0000000cc0)=0x800, &(0x7f0000000d00)=0x7ff, 0x80000000, 0x101, 0x2be447cf, 0x5, 0x42, 0x3}}, @rdma_args={0x48, 0x114, 0x1, {{0x1, 0x9}, {&(0x7f0000000d40)=""/179, 0xb3}, &(0x7f0000000f40)=[{&(0x7f0000000e00)=""/216, 0xd8}, {&(0x7f0000000f00)=""/17, 0x11}], 0x2, 0x40, 0xffff}}, @cswp={0x58, 0x114, 0x7, {{0xfff, 0x80}, &(0x7f0000000f80)=0x1f, &(0x7f0000000fc0)=0x2, 0x81, 0x40, 0x5, 0x1, 0x20, 0x7}}], 0x280, 0x4}, 0x4048041) 19:00:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 19:00:23 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x34000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) 19:00:23 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x20, 0x200201) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000000c0)=0x4) openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x200, 0x0) r4 = dup2(r0, r2) epoll_ctl$EPOLL_CTL_DEL(r4, 0x2, r2) tkill(r1, 0x1000000000015) 19:00:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4b47, 0x0) 19:00:23 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f000006b000)={{0x0, 0x989680}}, &(0x7f0000040000)) r4 = dup2(r0, r2) tkill(r1, 0x1000000000015) r5 = geteuid() lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000300)=0x0, &(0x7f0000000340), &(0x7f0000000380)) fstat(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=0x0) getgroups(0x2, &(0x7f0000000500)=[0xee01, 0xffffffffffffffff]) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0, 0x0}, &(0x7f0000000580)=0xc) fsetxattr$system_posix_acl(r4, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f00000005c0)=ANY=[@ANYBLOB="020004000100015cffffffffe8000400", @ANYRES32=r5, @ANYBLOB="02000600", @ANYRES32=r6, @ANYBLOB="02000200", @ANYRES32=r7, @ANYBLOB="040004000000000008000400", @ANYRES32=r8, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=r9, @ANYBLOB="08000200", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="10000700000000002000030000000000"], 0x64, 0x2) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x111000, 0x0) 19:00:23 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x200000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 19:00:23 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x9, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x40087602, 0x0) 19:00:23 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x2, 0x0) mkdirat(r2, &(0x7f00000000c0)='./file0\x00', 0x82) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x8}) 19:00:23 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x900000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) 19:00:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) 19:00:23 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x3f00000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:24 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) ioctl$SG_GET_PACK_ID(r3, 0x227c, &(0x7f0000000080)) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f00000000c0)) 19:00:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) 19:00:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x400300, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:27 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x1, 0x0) ioctl$TIOCMBIS(r3, 0x5416, &(0x7f0000000180)=0x8001) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) tkill(r1, 0x1000000000015) ioctl$sock_inet_SIOCDARP(r4, 0x8953, &(0x7f0000000080)={{0x2, 0x4e21}, {0x306, @link_local}, 0x24, {0x2, 0x4e20, @multicast2}, 'veth0_to_bond\x00'}) 19:00:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) 19:00:27 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r3, 0x111, 0x1, 0x1, 0x4) read(r2, &(0x7f0000000140)=""/43, 0x2b) ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f00000002c0)={0x4, &(0x7f0000000280)=[{}, {}, {}, {0x0}]}) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000300)={r4}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000340)) getsockopt$inet_mreqn(r3, 0x0, 0x20, &(0x7f00000000c0)={@remote, @multicast1, 0x0}, &(0x7f0000000100)=0xc) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000180)={@local, 0x63, r6}) write$FUSE_BMAP(r3, &(0x7f00000001c0)={0x18, 0x0, 0x8, {0x8000}}, 0x18) timer_settime(r5, 0x0, &(0x7f000006b000)={{}, {0x0, 0x9}}, &(0x7f0000040000)) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000e80)=@raw={'raw\x00', 0x9, 0x3, 0x3a8, 0x0, 0x0, 0x0, 0x128, 0x0, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, &(0x7f0000000e40), {[{{@uncond, 0x0, 0xc0, 0x128, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x8558, 0x9, 0x8000, 'pptp\x00', 'syz1\x00', 0x769}}}, {{@uncond, 0x0, 0x180, 0x1e8, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}, @common=@unspec=@conntrack1={0xc0, 'conntrack\x00', 0x1, {{@ipv4=@broadcast, [0x0, 0xffffff00, 0xffffff00, 0xff], @ipv6=@mcast2, [0xffffffff, 0xffffffff, 0xffffffff, 0xffffff00], @ipv4=@loopback, [0xffffffff, 0x0, 0xffffffff, 0xffffffff], @ipv6, [0x0, 0x0, 0xff000000], 0x9, 0x7ff, 0x87, 0x4e22, 0x4e21, 0x4e21, 0x4e21, 0x4, 0x100}, 0x80, 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x4, 0x80, 0x8, 0x9, 'snmp\x00', 'syz1\x00', 0x5}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x408) syz_mount_image$nfs(&(0x7f00000006c0)='nfs\x00', &(0x7f0000000700)='./file0\x00', 0x5, 0x8, &(0x7f0000000d40)=[{&(0x7f0000000740)="b092b496eb8e7b2251df1aedc81eb681f8f05922123f9a50f4f62c5994857ea37cbba8506987768c71415f58256102dd349d9fe41ba4be2e03a191c33cf99a1d36bc6b7d7a84f895795b8d4620dcab0baeea0c28ae761b32c294f3e216682f966f67dd6a43ee672b23c17598b1eace4fae60e5aefe76eb26d80475d86c89cd787f08c43866639e1b87d752a70a43c60cb89ab475c9a90f85345b68a2284042d32cb5943c921ce30fab4015fd604767c08fd0235f399524b907550943b8767f705e32e1c846300725ad0ef163245383d99bda8fff09d671", 0xd7, 0x1}, {&(0x7f0000000840)="f6171cea0c3504576dd8abdbaff819fda461b06fe0d19fd8f95860", 0x1b, 0xc8}, {&(0x7f0000000880)="649c47d19f73082bf042743828a18b4ae69386b8033da7a4f9eb1425d0c7d2ed732c451cafc66babcc74e0eee622950dc4fc726a0e922b46c9820988824e1ebc596cdd00a19ab0ac7c244111260bcc817b300680fd535fc7e6df4daae272fc47510c5383ee782e390f3b7040f3032009bbc60625644b585082c08798c45a12a59db41a0599604b7d017e1c5d7d2d0a3119c2df109edfebe23911802b47c367bd88476be550783252220e50ff1e7e2b599760668438fe54913d2454a33de9b7a38951c6754c1f58fa78ef5ef3cd45e28c62d0abd04661948698b7f97c", 0xdc, 0x8e8a}, {&(0x7f0000000980)="934579a0c953dc7dbc6e6469b336c755119d124a73c7abb12f6c748e42dedcfba79bb914ee9117346a883a58f2c040c8910ebd481523aa8b63eeaed008f62bb552f80f3633dc2efb7d95d73ec0eff1a600de2fce5f3819813d40d7a88178cb4429baf08648d6e5a95c58a4deaa074b90888301f475e8d79d801767be81a34e3279b4aefe042cdb63566a644cedd4e36f5b93a3c0efe36fbfc959244d7db2d68db7a9a7218a76f8f7b28ab858d9349c02dd403d78b67bb3e976ae9346d8a6173b78295aed2c36f6ad73e537bd8617120d263438767f958de509c3", 0xda, 0x7}, {&(0x7f0000000a80)="2aef0e22f2eb499d5188c8b29b2524ced3e4792b6c4d4ea7c5c8344aecce38e72ea2fbbf88f12afdac3e708f732c6843366ebae39c7f9112f800814dc2e1086b0ffe59b133577bd48fa609b2fbe63104eb532f935ef0491633ce6a5f186e4fbaf43310cbeebf841a63f8844273fa13bbe1d32b2d4af91907b3992eab999bcc56f9f82d72c0e988620fdfafa1d9d99f8a7f84d28f81c2c10df89f757d1d107781caf7391d17732184149d1fc2bf4af22c65c9d3cecbfec8d683af80fbb43f8f3bd07492a611787d83c5cc", 0xca, 0x26776e2d}, {&(0x7f0000000b80)="94b5511f67b9fa73e4487f01824e9fc2473465a6b514432b05df21587604d09e333eff8038baacff464c1c61a5786983b697a1cfca01b41908ad428ab287d27c0591e6516c8e6113e7a2254df042f759767e6869a4d9d22ad7b172f8afcd4382f0aeb2441724c007a67e8a51866dd862c8d929725f85ba4b1773458f63a1969aebfa0526551b56d254e1aaf44947fdd9417cace7df9fb1c0adf4e771edaf495b37f6fae1e3e67b4f4e8e5935819d7e09c8b5876c1d4d6473eead6968446bf41d7119f5d79d228d7ed5803a44937364a7b62c4948509235be", 0xd8, 0x2}, {&(0x7f0000000c80)="c7a2d71032e5a516ed749dea3c9bfdb0fdc67c5eadc17070ed5b406d6b9fd3cac093b6bd5b6e4d07285307d746c1fa068982f00df5fe12c045046ccc80f6f7367660c84ccc6537b7925e7e94d0567b31ac0289a964cc268f8f6ea2dfc0", 0x5d, 0x80000001}, {&(0x7f0000000d00)="47b38aa6c056e9ac3cfdca74b71c9fa945c2fe15c5e263c5a7beab42ec", 0x1d, 0xfffffffffffffffd}], 0x10, &(0x7f0000000e00)='/selinux/commit_pending_bools\x00') sendmsg$inet_sctp(r3, &(0x7f0000000680)={&(0x7f0000000500)=@in={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000540)="d4775dfc777a488e298ad48a9a54e89ce276e42c2dc04aefe6d98bc3f73ccf6c07237525a4fc0943f1f3", 0x2a}, {&(0x7f0000000580)="10fea7aa3a41cf5b62bfd82104fc5a04ed92f51ca669ac1dc6a5add6dd3b582de2cc2af21c1b45e6fd0e5642f682f713b92e663bb7fb9ff322e61a3b57c6722e30efe38a165a6ed989c69557e50c6f9b9a3681e4219b6e8f5d7311ee37e666a0835834afde5a7d66c2635259ca064f7ffd94bca206e2a246c872be24af0efb7facd6bcabefa15588e2cc06a0ea81e9d8a4c73c813d2777aa54154b1eb75e33aba863117bd341e0953263597e49335fa832", 0xb1}], 0x2, 0x0, 0x0, 0x8000}, 0x4) sendmsg$IPVS_CMD_ZERO(r3, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x60, r7, 0x202, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000004}, 0x1) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x5451, 0x0) 19:00:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x4000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x900, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:27 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x40440, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={0xffffffffffffffff}, 0x0, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000280)={0x16, 0x98, 0xfa00, {&(0x7f00000000c0), 0x2, r2, 0x10, 0x0, @in6={0xa, 0x4e23, 0x2000, @dev={0xfe, 0x80, [], 0x17}, 0x3}}}, 0xa0) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r4) tkill(r3, 0x1000000000015) 19:00:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 19:00:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x5460, 0x0) [ 440.361564] audit: type=1400 audit(1537556427.506:52): avc: denied { write } for pid=17730 comm="syz-executor1" name="net" dev="proc" ino=63827 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1 [ 440.394348] audit: type=1400 audit(1537556427.506:53): avc: denied { add_name } for pid=17730 comm="syz-executor1" name="pfkey" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1 [ 440.422297] audit: type=1400 audit(1537556427.506:54): avc: denied { create } for pid=17730 comm="syz-executor1" name="pfkey" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:insmod_t:s0 tclass=file permissive=1 19:00:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x400300, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:27 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) socketpair$inet6(0xa, 0xa, 0x800000000000075, &(0x7f0000000080)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x400, 0x0, 0x0, 0x1f}, &(0x7f0000000100)=0x18) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000180)={r4, 0x9c}, &(0x7f00000001c0)=0x8) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r5 = dup2(r0, r2) tkill(r1, 0x1000000000015) setsockopt$inet_tcp_TLS_RX(r5, 0x6, 0x2, &(0x7f0000000280), 0x4) 19:00:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x40049409, 0x0) 19:00:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 19:00:30 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) r3 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x200000) ioctl$SIOCGIFMTU(r3, 0x8921, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x8, 0x80) tkill(r1, 0x1000000000015) 19:00:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4b49, 0x0) 19:00:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x801004000000000) 19:00:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:30 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = dup3(r0, r0, 0x80000) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000100)={r4, 0x2, 0x9}, 0x8) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) 19:00:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0xffffff7f00000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x200000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:30 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f00000004c0)={0x0, 0x1000, 0x3, 0x0, 0x0, [{r0, 0x0, 0x5}, {r2}, {r0, 0x0, 0x8}]}) eventfd(0x4) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) write$vnet(r3, &(0x7f0000000440)={0x1, {&(0x7f0000000080)=""/124, 0x7c, &(0x7f00000003c0)=""/80, 0x3, 0x3}}, 0x68) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f00000001c0)=0xe8) connect$packet(r3, &(0x7f0000000380)={0x11, 0x19, r4, 0x1, 0x0, 0x6, @random="a0f90abe4cdf"}, 0x14) tkill(r1, 0x1000000000015) 19:00:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd004) 19:00:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:30 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) mq_timedreceive(r3, &(0x7f0000000080)=""/110, 0x6e, 0x400, &(0x7f0000000100)={0x0, 0x989680}) tkill(r1, 0x1000000000015) write$UHID_INPUT(r3, &(0x7f0000000280)={0x8, "b81c501b9f1d1c70a5d164ce2bc99052e74fee5362316b8dd257b03028ea3979ba5d137bff2643e34a35c9c702d7c54d0e0da8b527b8c1e91f0958908a479f6cfeb8372373555acdb4d6710113d19db33eb764705998f5128368983a3213469e1eef3276689e5a66005be6d2105f9f3a4c4540e1f8b823197ed18d2f06cc3fcc63c0988efc6002221acf7cf832f595d83940a03a157242c449d018dcb181a917c29002166b9f6fc77f5b55220dacd386cec955b5350f8c1612281d8a398a1522b40a5ca2aa977e42bc041fda97828dbbd59619e9bd141316be5de8dbcbce2c73f919c78506035e58fecc02637cc02094b0f4333e0b25fff150ed980bcc3aeeafbfafb901edfe1a36198cba3a77512f6a84fedf4e3164007f364d8f0f1017f68c0264ced9b9b30b3874ad5aea608c7e237c5899e690cbda06ab50383010d575ca0f3b42bfc00956f687a59ddb7513932d5a0670b31b960ae93b298abc29fc1313cf6842e469eebc7f7f31a1d3c067b67ff09248da2ff96322576595e46eea0e2728b755865d53748bdb7470dac94c75dbadb4de0c3ed5cc919642a1d0e9ff55ad8be8ec4448b508fb1327cb35296ebcb2cee9a913179b1d2d2e48a3ff3adbdccb633cd3606fe74af2af24bcd1d32f50b22cc4313d69891eda5b0d80e726286b3b2652c5eaa6434bd7d0d26b9274b0ab1660210fc90a91e7bcfc241333d854cd797979ce035db598534419946c629380ab0539064aa8e9f8244f6aa14cbb3d28b3c328b78796c62b66319bb795efb8abd99cf50c53a3415b5d092b27916291704cc72af61c06c2f93243dddaf22df977dcd0868280830d77a6b3f7a836ef41ee4c49aa210fd13707b0bba0f8b586b94efa62bebca515d47b8ed73061c9bdfae171dc040d480172dcae57202d98bc33381c35d06c7d3f1e3c94943405fb2168b87394e5d8516199a381670843b4a187b39364f05946dd3ec88c64ab62fe496f0cdaa1015f11b271011d89141bb35ed9152911a31ecc199301c8c43c53c39e13fcb473c4522d9e6bac38a9d706b2dcbb00a57cc68cdb5ce80895a7e8af1c141dc76da663377a6979596617524620dfacdb9b43ce2e0412e9cbaa7b62a4cef777b534b561dbb1e1272cb5286e4539cf49f9fe49dc11759ca9dce9c31a7782631b2ca4f2647b135601995a290c8fa35183252140fb69014205b44a20dbe9a72d1ba9378b8a876f7f9e4490326d321f871fab724b29f85374d2b73dfd4baf08cd7d46505e31987558210cf03c311ac1563c1d5dca76ea9e14dc7988fe90503e6d31fd4758788f2d879515c43932107a0fb595127a0498f3e86c83deaaf2c56db1b59a83fca7d5c23499be48bd067f2266ffeffd6ceadc8f0b159359831ef9899e6c013ee067297b1f8d1edc3c34161c0f13eeaa6851d091026afc437a4aa8efb231688c8e690bd59165e41cbd721ed88ad1d0955650764e1686a787afbb5180fbbc783ed8162f9eeb5cdc7ace383378fd482ae2f8e69f443aff0287c2a8566b613a841f500fc6b7b8e780adbc2fadeb320f328cc6012d85a53ebe967e3c3f68f81efc9e9a0ffec6b6da59f864b4484c3aadc7ae7092d42f5978c294fad3b9ed5db0d26f9a02b08e19a038e9d9b5e19fc07956e2466b843bb7b47e161b63c37c53c788e488c093f1600e0ebc66d9827e37e40dcdcddbf8133bfe3bc8bbe168ffbbfd01dfbc9c14692bef1d3e7ea3a84b26ffaffd41b84dea96b02895781ed03c1c4771cc017a33dd01e8c3eb79b1b6b5bcd689360e4de4689a5b21b31141303884c787828f41a3322aa5eb644bbdff4a7765c5cd7de7afe81459f249c71f71674797ab7297b66229c018a4309cca6fb05a11e58ae2f6e24831ec25a0b722fbd18bfafc9da64b133db0e637ab5ec85b332662e001e6ddea23a0c17d28966b4cc109fa7cd8effd7c97fffea5d6e8c55c1f15d4ba3f6dc91411af8284d55b088240c4f0e17c104c43b557852deb03400c883657af1c4bac774c38f689fb03513845bbec1d4846c27edb3d500fa723ab0715ff78e8c9e0f1c1d5f715582f974f80b09ae11b9957544b78b17f8e6d35ee01f01e676f4c08b5ef883be22d1a8a2eab75c86d4f0d2ed92ea60ca3a064c793e0267839a53c42ec1848b97a71c27bcaef24e7b91ee1ae9e7a6bfeaf205be521bc3fed1ad9028728348b9ead849656102ab0ff11e8c27552a9e382d2a1af4f4742d7673794185d73456d3e5471284f96530e1c5b4fc5f10c7101d650c961d5ce3e0ae579a465ef76dc16a8ac29b2f607b80e648fee6e6af1b37c8885dd3a9bb443d793d990d329664c921da78654913a4658db8d1292569c67ff6e8cfd520d8e808088eed2da63af917db5590cef9359ab6dc3bb76ff2c11643034b9a3462ab03c6b54ee79e34a74482419fbe78de46314ff33fc1783d8dfb778af500ebde3e09bbb5d618f8c2c2c84a4f074148941efdb5fa1f0d60a4fb944092874cc06d06bce6cef1f4f9678b215e65a8ababcc88a1033ed011e2efcd6dd7956c836d79cfe492708f587ecbda7b2b56a3a77db3d4e20773ceff9969e9b91607abbec0339ff5c51b0af0e2a7bc23c4094ab681ace1f835e1ed903969290514656023feada054b10e4a6925e13d5750b5df803dba30506c3d26dfc33a693a907bc9411756ff6512f732a5c6c5519dac7d57acea5590c1c8b6e3e4c27898b8f0caac2d7231f01eaa06ac117f58939e499ec932cb47508600b7a848c792577ed4164ed056bb8ef8dd1cfa4bc5ddd173404f1b1e13ab177724665d0c768e1c60b4722bed2cf53418329d3ee3c844cecf167fb342569c566205fab3edea0d86fe2dc291d5f17ca4d7812b6500d21b6c6067cffb26fcf5708b089590d689658f78d52366a32de68cf9f10acd6caff1fbeacd48faff7ce261caee308248edf41081f6335f8a7adc93e3f3edfac3c024c8e23cd43a7d67631e57524beffbc3d03a96848e334102fadaf46fc98c4154682abd80ac1c7c5bab5c92933ca038840fd8d4173bb7d53e9fd5f44f4ddac6f835bdb1e47b5402b68869aa651415cecd1befefd5d9a772a1eec9be383c20357a99acff9ce611beb26b9730f07fcba870801fb3bbbe9b6f50183b31346851eea7cf0028d96ee8e9ffb7270fdf261be12274f9093bd8aceec7ceff54e0520f6a4f0cf2d5929eea9136409999a5eb6e6819321b4ec60f3f88732f846e6a84e7e18424f69ed9735360df37175bb3ccd2d503a331af73a36a3f89a8094730577d2f1b20ba01ba74e1ef816417ccfd30cc459a3dfd7375b259d6cdbaec2d70b4597b1ba0bc6ac0fd84982e89ca59ee02fb5b68bbb90984c410faea7e2ff5264440e9535ef1990c3d39ef1d9babde333feb7f2121c5f252fd3f89f61b9fef1322852ef45e8af43abad335990381ed781e3d7420e1eed3b9903a1446567e2ec560050866794fb3f91090391f93d70fa025dc599ea39eb164fd0a106c52c0583f4ad8e199ade760699b3ed9198068a77e5b38152910f99094a2bff040ff2c4a0711cbd2a67402a586938587445880b80bc446c1d2d7c5e3a03ecc6cd3265f43a0420cedb0acc064dd9f420adfc3b5851602ddbf73eb93dab51853aa1c5e3fe478ae08a8a2e51681fe8ec17ddaa11f3dad9d63e3bd27917e73e6521ed4b58c4a5a2c14949a590d03f33904a063241cf21834a2337892aeea2d62d37614c3615b754313dd76d52c20d97ffb1df06af9389ab71aca5ed2d7d6bc62d057c59a85acd9009c9b712d0c834b4decbc6c57e67e2f957b731304d071378a455e023cf785db62e1fd98f9d42bb7e41d918754bdc07aa56bd8d8a11fd4422c519323ea9836d93c6720b1c9512f6d717965cbc8f56384df735cf16271feac21706d78ef84b7e55912304ad6c2ee0be8b56678aaa9916e1cd098fe9663d87f2e1637660e16b8f43c09b15b8fd752c9b1fd7ed87a575fb37bea7d6dd0508c1378fe92131b04f9fd77f1757e74147d499e024361436e1f0a849f2b1d9bee525a9b7d893cca05ff8fbcf7a2f0a00d241d6e87985f7e5f2235b8942dc6a5a7c30332c187dfe7827777002636587f31785d70c3a2bd2c2f151858282770a8749fd433bf84c5f9a2398017d625eb18e4825bae4261cbed5782dda54636d97ea082459524aa675885572279108713df6f917ebc2273e7dc96e598d6ce5aa9520358efc8eef80fa759d404bb9ecf37da3a1c017c1b7f2edfc8cb76c4bb984287cbb41cad0b6f715ba8089619fe77ab7c66acb98f5709710adcfcd612dd432239ba8c8e460cfbcce6c96f01731547123e4a5ce91f5725db4d1dc6eec095a854ea313c5fd3d259d198c2869a8c5d841b5540ca17425218228bb28345358d1a867804b91ff99e43429d9d7520c66745af203164f5d022b1e1bd8211c3d67eca8ab693ad62e9cb5abebec20f64429654da970a8552453d914b957ca88a54bf9a11fc59f680a12ae000ed0097c320f0cb1c972a732e95b19a25d5275fc6e40b935d8c975878bdbd27174837b1aef249d09fd672a3cb4a4587ce844aad9bc4bc9929c2b98d044232374749281c28aca4452fd572ecd8dae6df6308dff48b2f75fda20fa0f68ee1d3d109b48ca1dc13503cc55f0b0701f95977c757c9c79e118d117c8bed9e36fedd59467880a86fc810663cf6556270abe784507ab734146d4bfde832028c894aa28b106383e6f355f14761b609aebdd9399e12c70c57661de94ee69d53eceb87bfdb07b74397dc6765d7f159661091c56016edec2f0b82016f55dc12f8b0930c1798c00876764ddd87ca5a52095d6f5058a3c5160e757b5eb004252b131e0e50e750ac508f6a108bca3e1e2669938492f49c337efc0b1c525c1e56faf9851e9c2eee643bd4b70cce96fc435aa0b4c6f0461ca5767a7d7a4320107637a985d68cd2257f510bc1adb1fb05186b3b170dc7f4ef53665e406440d424fda4654720985facd90542600c614561168691fca4d143afce61375a47124a29ab65e140ac26a3c0c05cbeec40be98a0f0ec1d6c5a6972c535dd5e197f2e12c9c8405f453b5fa3e73baa5ebbefb33c73c8225e140894b9d16ad93f0aabbeee33cf3d7a264bb938bae9cacf9261648594bb5d4a0d7c329130d5d4a429baa9ba8801abd5f456aeb13d0da74b207ea7488194167fe1cfea21e2e5ddcf5546d375ecb48b9e692131ba3a3c979ca8f1c8d2db5965f53a50506919ec6ed3d49fad9650b622df799d22d63729d0e42cd173a7fb3e986fef65315e10abe64da89d8b9911a2d708039e924af4cb6775deb00097faa780cd0bdb142e1dcafbf996165d5c1d016251cbc838b7f5cc540e1161651be0cc281783ecd2228582006509540804a2edadef0aba62086af7f612e65c80f2e9f02e09ac9af1be72551afa5ab0fd47c263ba7911be9c90ba0e6de986c61363329f3b2d2820223f06f01baed9db65a0ee737918ed05dc75c395e78b0b1e0bebb392da447c1fa5210012a3926da3fe760210a8eb810c599bd7a9567d03e1cb1ff78e671e56903e2301b7b4eb6f9dbaa520b3a6a3093c7275424669b4c2bb382ae7a2ce3a5c325acfdcf148ff02b6eb17c978ad52d0b2102b60c13ff6b04c057597ba1c33713f0d39c42348dc762e40d9741e3748f2eb7cca1e29126c9b762545e373bc247763f736100ac9ece13d6014bd25ca9ecb5cc274da7e5a661a11e09b6a436b05e65ebcc4eb74c86f2a73bd8372ebb5ad26201bb096c156c771d7fb0447fd9e62b60af07ebdd162638d297c916921a", 0x1000}, 0x1006) 19:00:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x4b47, 0x0) 19:00:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x900000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:30 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x101000, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x277) 19:00:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0xffffff7f, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x5452, 0x0) 19:00:31 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x9000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x34000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8) 19:00:31 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x5) 19:00:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) 19:00:31 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x2000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x1000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 19:00:31 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x0, 0x420c80) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e21, 0x5, @mcast1, 0x100}}}, &(0x7f00000000c0)=0x84) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f0000000100)={r4, 0x4}, 0x8) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:31 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socketpair(0x8, 0x4, 0x9, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VT_SETMODE(r3, 0x5602, &(0x7f00000000c0)={0x1f, 0x9, 0x2, 0x200, 0x9}) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16, 0x8}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000) 19:00:31 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x3f00, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) 19:00:31 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x4000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:31 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x4}, 0x0) r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r2, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r2, 0x10000200003) fchdir(r0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sysfs$3(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = accept4(r2, 0x0, &(0x7f0000da8ffc), 0x0) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000280)={0x0, 0x9fe, 0x7c00000000000, 0x7, 0x10000, 0x3, 0x3f, 0x200, {0x0, @in={{0x2, 0x4e22, @multicast2}}, 0x3, 0x6, 0x10000, 0x5, 0x81}}, &(0x7f0000000180)=0xb0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000340)={@empty, 0xfff, 0x1, 0x3, 0x9, 0x200, 0x700, 0x7ff}, 0x20) write$P9_RAUTH(r3, &(0x7f0000000380)={0x14, 0x67, 0x1, {0x0, 0x2, 0x2}}, 0x14) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f00000001c0)={r5, 0x3}, 0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0x2, 0x500000000000000, 0xe00000000000000, @empty={[0x0, 0x0, 0x0, 0xa000000, 0x9]}}}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r6, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socket$inet(0x2, 0x6, 0x3) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r6) tkill(r1, 0x1000000000015) 19:00:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x2600000000000000) 19:00:32 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x100000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xd000000) 19:00:32 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x900, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:32 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x40030000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e01000000000000) 19:00:35 executing program 3: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) ptrace$setsig(0x4203, r0, 0x0, &(0x7f00000001c0)={0x9, 0x8, 0x7fff, 0x5}) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x0, 0x8400) ioctl$SG_GET_SG_TABLESIZE(r3, 0x227f, &(0x7f00000000c0)) fcntl$setsig(r3, 0xa, 0xe) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, &(0x7f0000000100)={0x1, 0x4, 0x3, 0x431, '\x00', 0x4}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r1, r4) tkill(r2, 0x1000000000015) 19:00:35 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() fchdir(r0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000080)=@req3={0x3, 0x7, 0x5, 0x5, 0x81, 0x100000000, 0x30000000000000}, 0x1c) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x3) 19:00:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x40030000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x9000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb000000) 19:00:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0xffffff7f00000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x2000000, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x18000000) 19:00:35 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000100)={r0, 0x10, &(0x7f00000000c0)={&(0x7f0000000080)=""/16, 0x10, 0x0}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r3, 0x4) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) ioctl$KVM_DEASSIGN_PCI_DEVICE(r4, 0x4040ae72, &(0x7f00000001c0)={0x675, 0xffffffff, 0x4, 0x2, 0x3}) tkill(r1, 0x1000000000015) 19:00:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0010007) 19:00:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 19:00:35 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x200, r1}) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x9, 0x80000) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000280)={{{@in=@multicast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@loopback}}, &(0x7f00000001c0)=0xe8) r5 = getgid() mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='fuse\x00', 0x100088, &(0x7f0000000800)=ANY=[@ANYBLOB="66643d18c557ee9aa757a43448063437d05f87e55f00402287e9", @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=r4, @ANYBLOB=',group_id=', @ANYRESDEC=r5, @ANYBLOB=',blksize=0x0000000000001000,blksize=0x0000000000001000,default_permissions,allow_other,allow_other,max_read=0x0000000000000008,allow_other,max_read=0x0000000000000101,max_read=0x0000000000000008,default_permissions,\x00']) ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000500)={0x0}) ioctl$DRM_IOCTL_GET_CTX(r3, 0xc0086423, &(0x7f0000000540)={r6, 0x3}) dup2(r0, r2) execveat(r3, &(0x7f0000000580)='./file0\x00', &(0x7f0000000680)=[&(0x7f00000005c0)='default_permissions', &(0x7f0000000600)='!\x00', &(0x7f0000000640)='rootmode'], &(0x7f0000000780)=[&(0x7f00000006c0)='group_id', &(0x7f0000000700)='.\x00', &(0x7f0000000740)='allow_other'], 0x100) tkill(r1, 0x1000000000015) openat$ipvs(0xffffffffffffff9c, &(0x7f00000007c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) 19:00:35 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x9, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x400000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000180)) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000001c0), &(0x7f0000000280), &(0x7f00000002c0)=0x0) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0x0, 0x2, {{0x6, 0x2, 0x4, 0x8, 0x8, 0x0, {0x1, 0x8, 0x1f, 0xff, 0x7f800000000000, 0x5, 0xfffffffffffffffb, 0x9, 0x400, 0x3f, 0x3ff, r4, r5, 0x0, 0x3ff}}, {0x0, 0x3}}}, 0xa0) tkill(r1, 0x1000000000015) 19:00:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4f00) 19:00:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1300000000000000) 19:00:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x12000000) 19:00:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x1000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:35 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) mq_open(&(0x7f00000000c0)=',trustedGPLnodev[!\x00', 0x1, 0x24, &(0x7f0000000100)={0x3, 0x1, 0x5, 0x2, 0x1, 0x5, 0x2, 0x100000000}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x240, 0x0) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7a01) 19:00:35 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x900000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x12) 19:00:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x2000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1a000000) 19:00:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x40030000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$ASHMEM_GET_SIZE(r2, 0x7704, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000100)=""/43, 0xffffff8f) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e24, 0x1, @mcast2, 0x13e8}}}, &(0x7f0000000280)=0x84) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f00000002c0)={r5, 0x5}, &(0x7f0000000300)=0x8) timer_settime(r4, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f00000000c0)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:00:36 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc) r1 = gettid() r2 = getpgid(r1) ptrace$getregset(0x4204, r2, 0x207, &(0x7f0000000100)={&(0x7f0000000080)=""/102, 0x66}) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r4) tkill(r3, 0x1000000000015) 19:00:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xd00) 19:00:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0xffffff7f, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 19:00:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4f000000) 19:00:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x200000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) clock_getres(0x7, &(0x7f0000000000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x2600) 19:00:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000) 19:00:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x9000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1b000000) 19:00:37 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ptrace$getsig(0x4202, r1, 0xffff, &(0x7f0000000080)) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) finit_module(r0, &(0x7f00000000c0)='em1keyringppp0.\x00', 0x1) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000280)=""/137, &(0x7f0000000100)=0x89) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8030000) 19:00:37 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x200000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:37 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0xffffff7f, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1200) 19:00:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x4000) 19:00:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r2, 0xc0bc5310, &(0x7f0000000280)) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:00:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x3f00, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0000084) 19:00:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1d00) 19:00:39 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = socket$inet(0x2, 0x80811, 0x40000000000000) read(r2, &(0x7f0000000180)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) futex(&(0x7f0000000080), 0x0, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0x2, 0x0) sync_file_range(r3, 0x4, 0x8, 0x5) tkill(r1, 0x1000000000015) 19:00:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) 19:00:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x17) 19:00:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x34000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000180)=0x3f, &(0x7f00000001c0)=0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFCONF(r3, 0x8910, &(0x7f00000000c0)=@buf={0xf70, &(0x7f0000000500)="1dcda9a437495a5bb7d067241783e826d28b25488a723c974dd85bf8c0e86998fdade0d9ae8abb6e1fc4cf240e740afe822cdd9258c534a54488ab22a4b8ebaa972c636d34905787e7daafc631ab492ea6683263d4e276af369b0d5f2196ed204aeb5a752c882e717512068721b4c4537faea95117fda0f892476c0887e785b46a2cee35604fbdd7c7b2beada6cdb4b8d00e8146798578b4e35ef1668abea5ffe11cd4ac4e5b4cc205e6375f1f97328a162dbccbd8fde1ba7fa57f5a5988b831bef24c0a3e719835f5cac0b1e7f4f2d852aafe43f0fc67fb78e589842b1c4a68f7a4c64974014836a38a1820066a6ff79766322ff3c260d605c689b4224c7e8115dc8d8be1a8a6130756932bc9509293b0f5381556b4f42bc3e8b4537351801bcda981d87686161aec50ca2a51b07279b49d2f83c86e60ae7dca45875946bdbc3ecc890e3aa3a80578a3f0f245f50090fcc8a2342c6bd236e8794f85b1694c8b45ec048b4602817168fa694afb7f23fb022f95731241d19c44d342b18f9715472467e13dee3f2e2a867fc4a0f9c0f13b510f2308f8059b42f9c88ad5cd3189cdf80558125205a43fef9b719cf94fe929de79e740f9928305ae8e5a87f0faef38cb047bb0633bde3f30f28a28fdc99a4a24e0b3138da94c7d4ab437ec01f2bc573da3acb544cbc4f21144ae43ee33f497e9a4634eace982412f90acb7d42645e548c232224e50da3706ba1c0fd55af4dcd63ac6afbf2a859a3551a5f7cfe794299e9dc641d7949c3caffbe10f0125efde151f02f7b04c70556361d5199fd6e1eafec851cb6570c17824e0dc7b1b1d668d6a1ca17e6e00b9042782f2da0d47e81d5ea66dd97d87c68a06509e67089a8f1e166a358ffe8299cf49c4f22932651820a9e30844fdcdaff06114f750259996977301fa390322e573b232a16858e46a8967b47c57994f8d831ca88ebc8117602f352a692cf4c9b4dadbfdfb9332e670331438ef14c92704f817b4167c3cb44e6fe6755593ad033471869dfb1110827e0577131614634b80132f0961deb9b6ab8d66bfe9263abd7fa85102ab39029332d5b4be51b1a9f8ab882867efcb4e07b05b13048e0a1f300b5add861575978d8bb3ce2344052057607a65f6028decc1c0e7d49ce1b63d3f8f1521387f0c2b4c8de783db6976f9f88213e07c82dc840fce785130f7448ec647c63fae95ffc7999f7b6af8a783271413c15abbadbc2b9fdb981397bcc38e72b28973bba312b889b55dc89843ac15149d851f14ef44d9a5decdbdd866d1b25e7c2dbba69b5197e355d463fd1034ddac285d17a324e75d597567510ae8a9c26b8575fd6c2e4025cda2a51c3ab6af2f763a1dd44448f61255e27362a9ac01559ac449cc5965a51351fc72d7c8b343d2db2dbbf14a3df4d101bdcf149b1b0e19fe8d79dbbadf2f104383a393bfd13c2bdffd6f43c39fa489ebbc104f9bfe4a442cfd591783efdfc63e3f7c5f8eb4f146fe6f3b4c67ae133f32d8af948236d2ae6dd4aa2e9ce2047fa919fe8a805226810132a15ad07c6d3f20e3768ce62a15607c3ab2a38d335602c9f4163b8353469568fd4d815bbd6a59bc7676b631a767aeacaf4912ffb37da3bfc87a36d9d893572aaf618454caa537a868cb7dca90f3f8856a01e7f52d8f1bbb8fdc950fa4cc4274d6a10d9721b66efd71c0f1057c7e3597b050e0097d312f4577d30dbee4663188f58cc59bd337dab5ecb91051c9b432c84584e2c76e7a5b2a768b566beda9ce048a255dc3aa8b3ea9e87074d102b666b84fe0ed92b396d83c8a258491f2b45ea682aa216a7660467072b9cefcecc505dfbad86d3e56d18bf91ed1483eafc8724825150e2dff2b9414ad26f1b52162f57b6ff6d94779be96be3750c2aa96991e2e8004b4907b9cba2a3780bd74a68de301aa83a3050a7e0171f59835dd98d40d0c04621a9358825db325081bca8e7277a1c3dad496d155f7e4704599fb36c8be0e26143f148ca03f64a79d16179015d3e73fd19a0461f6f1c58feba7e64189eb7b994b7d69d1b19ee934e10d8d543292893a1650a296e9500e78dbb89889a39349580b0b8ec5a8d00ade8a6ac98172d9e312684768ae8bc09013b45153fddec9cf4e6598d10c47203af83463bd3ca0084b3145cbf814416f947e4c6e8405df638e166684117910ef4da4db306c3bb51fe31c7f164fab9c2de9168ef384ac1b3b40fd8f1db53568276d6c817bf54005623791f16f73d3137c918684eea4f8f43d23366140163b4bc0548d4bebddb8af98aba75cbe93bf8bdf3ececa3f8fb0d16de170ed4642aa936abd8145333428dc010b661be509731ec09d2f8496d0bcd570e7dd0f4282aa1187d09404c7d0cde43593b954b122190c495862311d693d1217058899a11771a016d53c1bd2d2fba106252d3dd9b1c0d47b93ff706560d4ea9a90d7bb710d0cefa6c7842e0c60ff375042936a0abf0b696899841464435dd99c884597bc120ee534295b907ee146f66434d0355ac6612703af178d43078a7e15dfed3fddedaf833fe0546f52ea033b7714dff6700143a8566621b19a14d36c3d1470e21be987855219a226e0bc39dfe381c4df578b2f91939df9c3ed689f0f09ed5ceeb51afe12bd6501fb55f15b5ead8d0423f3f4ad14874a7a12dddd9217561a56c9c735f306fc51f79dc72c54b6b127badd2c9c14358d888fca84e3fc9b2426217449e53507336ec3213ab832b150e0ddb656bb4141cfbf2057ae5d6aeb12b5976ee52dbed33681d920a6c4f62113c1892c9eab9573120c6d71f96aa609ae0a8847d031331e87a09b1b3af3d34b8b5d6aab52426304d4170c1d2a4228be467657d27f975f4bcd0f369b2cf45831c0db59df9b1d09ffaac4150376bf6b3271fe804e9f2b7700103791251b983a1c084ff53de174d70092b8bc0d08db8e9684cf1feb8435aa14b235f18c7b1c86ac4f507db74bc975471566cdf37add9b03ae32e65cb163d34fcb8cd25c812909a75a3b3328e7ca5c6da63bb16f805bd0bfedc3f388356d049c612b26aa7e1892b1fb73996c1972d221f013e0ea22744790f6afb7d79261053ca3f90a0ac0c4e95ed2b51890e71df8b299b9f3b2c632ad70d586411ecc920601955d0b0b34670d0297ba125601a5b89e11054b19af5796630284afd06f493fff309452a1a52146a71514266d514350f4bbb72532ebf6c94433686dad2efd53ebd4681bd3eef7275e5100cb08f598a3a9a330415404690770374975fbf70dbe20d5e6dfe7d5726171589f3c59ff5ffff29410a8f686f082d4acdf0b674aee647dc716e6c96d0713ded9173a2aaa909e13ad374955cfd9f5233494e83aca59aeaa7171f64cd5c1d300377f674022138ad6ffe31916640ba81e86477a1016974e9b4efbaa035a839647d3cdba638a78155b0383ddc1be5184d0c66b55b556a0f8253b9239c0a75b532b12ba8f0e62c2f299da9cbdf7735fd4f24b2fa4cdabe62fb5179ab549a321915bfdd9aa35127aa68e4c0f6fe8e9c77f641ded84d98cf5acb5f008a21345040d488bbc61db6d847fcc88c05fd685a1bc6ace36887052864b83637fd95feb1da81924111ec4686f3e23aaf5c0ca3158e33a14e86eb036b46cda2a7d51e719fa8b1a31c07514a78d80d02c4258d9527b7c0f7ce0e70c8b337d87932f2be2ea593b0d32178a5ea9aef33894d334110c96c65a5430eab9c109db6c23e4d2764a280ab5ff8e748457d358596e86756d0c40f345feb8ce066c9a139b0e910835ae9e28b06e7c855c84ed97e0530a08b2dfe81a1b17f3b83f99348cc890f41059dd45fed3214322a07ecce80e8b0986b49e425e025df81740713512be25acf93f217c062f2e7e588c980754d6f0c90a35a474e17f1ef161dfa2171608ba73b9ee007c787ad7b75a9e4c5e169cc8d0f3c4878c9504f74294f43c73c022c693ca1f9b6e008f20e6c7708d4a38e43d56319f92998e7d9f662feb566e71d480b501f5323e5b7bf4263f7056ef527ddf7696003eb05e8e9ee191e55de68db1657fe3fefb98239123a34e3850dc28393eb86216d9b39d6f759fc4b85bfd99c8a1b0a7220833f4185a2039df5264b27f9d6439d6e0519841ff74896b9216f32e404e6e4ae06db24ce43a11ce666b8da7abb6878f253073d49079e3d04be86b5ff63ad476baf2c6f332511d62cf38473affda49df32d2683268097dedf92d765a7f82555c7572439682c5393a53fc0c12a13fc25e4bca9b8d77a98f6e23e6a3a2d19bcd64b93bbbb44cd955eb58b773198c97347840844d3ee52d6cb03e4483512f02919a20dbb7a7be8651f6b62e0c9abf848b3d7e70614cbec5b47256bd00507ff3a0d4c124f48b564a9b4265fdfcbee3f09deabcb1a378697900cb6502a442868289db054cf8e94b00bcfe69dcb31671c456699fb703f1c7ac13a0bf9c5f8bb818174e3481ccc28094632d289a2143bd617bd87bec6d0801c9d16f94be3fdcfcee4c53d16b6cca02748831f813e720709827c0c65c7d2e2ccb479d01e3f320d7d69971e8613ea6ec1ad88d7e3e2100332b4be00c804d1b231d0bdf6baba56b1fd15093083d8868c1dc8ed5c05287e4e0f5ef619d68b7414e50cca5d467981ba3aa7571fd737b090afc05135cbbc6f7adda4dac4dd356d3a80418ee20e580030e9cf112bd3e586e8208cdea7c27530f5bb6b62fdd7fdd15a0d6c7c32cc9ed3247b8c3adba859f90cb16514c7aab93f1198a284448a2a3137cb8293d5a7c05b6319dde9e67342b7b30c3174c2a7c9e6d13794610679b50f02cdff4f97129ff79a93ce3f2d7a04724d78f1ca1ebf7809de2eab7aae7c2fe6c29b07fba9b9a6ea1f9be56ad17d668622e403a275ee63b1e5292ef8b032ffa0bab9359e61785c44c9f54962259e9eda1d17b0497792a1d31d83aed722486d0b446b1d3348b1706c2b0da4e54140098a73c5dfd5d441d2b43cf59a830e4a07e87dd4b4820ebb380c7324f40cfcf4fb49c7c601e3211620e43d22b399ba271480b83edcc50fcc71abd328150079f14c78924c667e827682080dd577b24e42671c07800f5c718f281d291b0122ca120155fdad9101bc039db8f7209170f78551316395a8575321e4d648ce6eee2800457f0ecd2a382f5cd96914e66151e23b47311a89c745691aecdcd70a41467eb1f420f767ed6ab287ec3befd3579626239ed06e98c02735eec47009082be79cedb4e55b6c4f3e4b79858529297a9125fba4fd1db2f0b9f290328c2a0db6ef5d7fc19450b6891c3c2cb9b3610f5bd36da5ddbb54de51bc334d8b6d549f08822f3f1495148aadefbceac5bc4242bb3c94181089a710dcc911b83fa27311cac799b516b81fc657c4133d2d4f1605910062b4d7ee167c4fd20160482e61a6b9c22fce01734265b7b4a8f1dc74ee87e625d88ec2feba72fa5d294ccd33f522eeb83616d8e329d06d5b51a9fd762c88012af94596264afa77fe58258547f39e87b1482f45f1d123e6ee130f816fb3fd9923cb6d7d800f505c0c46776d1a42d4078d35c7b23f5197687f17de4bd298427d4f1e6c935e3e53e41037415b10a77c1e233"}) sendmsg$nl_generic(r3, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0001002200010000000000000000000400ed000008000c00", @ANYRES32=0x0], 0x1c}}, 0x0) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x4, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) tkill(r1, 0x1000000000015) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) mq_timedsend(r4, &(0x7f0000000280)="3585a060ca90745504d4f16a00add78ca1783272453d42d7d53e4d2b1b8a08210b6a4dc76748db8a9c1e4099f1bd442a7f31641e3d3a5de64dc9dfb1acd1e267e0f0ee8ac49d66e3e833086305a3115f5fff426b92f4ae22510c61bde3ee13c61e894de4f10fcb1851f6a627f4f4b53288610b022bde9b51d32903f073091c29b937e0ad1185d18b6f195ea524391c90fd87992943", 0x95, 0xfffffffffffffff7, &(0x7f0000000100)={r5, r6+10000000}) 19:00:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1b00000000000000) 19:00:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x34000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x400300, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0010003) 19:00:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) read(r3, &(0x7f0000000340)=""/218, 0xda) setsockopt$inet_tcp_TLS_RX(r3, 0x6, 0x2, &(0x7f00000000c0), 0x4) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f0000000280)={0x0, 0x2, 'client0\x00', 0xffffffff80000000, "ac2a19e8e6104ed3", "54beaa0d0903c876ebfdf93ab2641d97cf4f25c37d2a527fd85d51ed7d69c0a0", 0x7, 0x5}) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000) 19:00:40 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00000000c0)={0x3, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e20, @multicast2}, {}, 0x1f1, 0xf01, 0x81, 0x5, 0x6, &(0x7f0000000080)='syzkaller0\x00', 0x1, 0x8, 0x100000001}) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0xffffff7f00000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x900, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e000000) 19:00:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1a000000) 19:00:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1700) 19:00:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x900000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x100000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa0010000) 19:00:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x8004) 19:00:43 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x12) 19:00:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x400300, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x16) 19:00:43 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x4000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 19:00:43 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) prctl$setfpexc(0xc, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) socket$rds(0x15, 0x5, 0x0) dup2(r0, r0) tkill(r1, 0x1000000000015) 19:00:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x480) 19:00:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x900, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:43 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x48) 19:00:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe00000000000000) 19:00:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x9, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:44 executing program 1: r0 = getpgid(0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) fcntl$lock(r1, 0x7, &(0x7f0000000280)={0x0, 0x4, 0x0, 0xffffffffffffff7f, r2}) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) read(r1, &(0x7f0000000080)=""/86, 0x56) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x200, 0x0) signalfd4(r4, &(0x7f00000001c0)={0xfffffffffffffffa}, 0x8, 0x800) fcntl$setlease(r1, 0x400, 0x3) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000180)=0x5) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r1, r3) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ashmem\x00', 0x80, 0x0) ioctl$TIOCGSID(r4, 0x5429, &(0x7f00000002c0)) tkill(r2, 0x1000000000015) 19:00:44 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x1000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff00000000) 19:00:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xce) 19:00:44 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x40030000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x400000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x9000000) 19:00:46 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x3f00000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1b0001c000000000) 19:00:46 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x240, 0x4) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f0000000100)='y\x00', 0x2, 0x2) 19:00:46 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) 19:00:46 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x2000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x4000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1e000000) 19:00:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) 19:00:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xb000000) 19:00:46 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x9, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3e8) 19:00:46 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x9000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1c00) 19:00:46 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x3f000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3b) 19:00:47 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:47 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0xffffff7f00000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1d) 19:00:47 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x100000000000000, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 3: r0 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x1f49, 0x402000) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000280)={0x680, 0x1f, 0x1ff, 0xc68}, 0x6) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) syz_open_pts(r4, 0x0) prctl$setname(0xf, &(0x7f0000000180)='[wlan0-mime_type/e\x00') r5 = dup2(r1, r3) accept4$llc(r5, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000100)=0x10, 0x80800) tkill(r2, 0x1000000000015) 19:00:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) 19:00:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xf00) 19:00:47 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd000000) 19:00:47 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() syslog(0x4, &(0x7f0000000000), 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x5}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x900) 19:00:47 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1500) 19:00:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x6) 19:00:48 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f0000000080)=""/43, 0x6) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:48 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:48 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) 19:00:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc001102a) 19:00:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) 19:00:50 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f0000000140)=""/43, 0x2b) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280)}}], 0x1, 0x0, &(0x7f0000003280)) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpgid(0x0) getpgid(0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000340)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x0, 0x20240) ioctl$KVM_ASSIGN_PCI_DEVICE(r3, 0x8040ae69, &(0x7f00000003c0)={0xff, 0x7, 0xb2, 0x6, 0x6}) r4 = getpgid(r2) process_vm_writev(0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000900)=[{&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000000500)=""/175, 0xaf}, {&(0x7f00000005c0)=""/89, 0x59}, {&(0x7f0000000640)=""/221, 0xdd}, {&(0x7f0000000740)=""/135, 0x87}], 0x5, 0x0) lseek(r1, 0x0, 0x4) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) keyctl$session_to_parent(0x12) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000140), &(0x7f0000000180)=0x4) mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x88, &(0x7f0000004380)=ANY=[]) r5 = request_key(&(0x7f00000001c0)='.dead\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000240)='fuse\x00', 0xfffffffffffffffd) r6 = syz_open_dev$mice(&(0x7f0000000a00)='/dev/input/mice\x00', 0x0, 0x101000) setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000a40)=@req3={0x8, 0x0, 0x1, 0x101, 0x401, 0x0, 0x3}, 0x1c) r7 = creat(&(0x7f0000000380)='./file0\x00', 0x2) keyctl$restrict_keyring(0x1d, r5, &(0x7f0000000280)='big_key\x00', &(0x7f00000002c0)='net/ip6_flowlabel\x00') ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000000)) getpgid(0xffffffffffffffff) sched_setaffinity(0x0, 0xffffffffffffffe3, &(0x7f0000000100)=0x8) r8 = open(&(0x7f0000000980)='./file0\x00', 0x420000, 0x40) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000ac0)={0xfffffffffffffffa, 0x8001}) msgget(0x1, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r7, &(0x7f0000000300)={0x2, 0xffffffffffffff00}, 0x2) getpriority(0x2, r4) 19:00:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) 19:00:50 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:50 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x19000000) 19:00:50 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) write$P9_RREADDIR(r3, &(0x7f0000000080)={0x2a, 0x29, 0x1, {0x3f, [{{0x8, 0x3, 0x5}, 0x10001, 0x8, 0x7, './file0'}]}}, 0x2a) 19:00:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe8030000) 19:00:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x820000c0) 19:00:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x7fed0de2f700) 19:00:50 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:50 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x580001c0) 19:00:51 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x40000000003, &(0x7f0000000000)={0x0, 0x32, 0x7}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000000180)=0x12) r3 = dup2(r0, r2) ioctl(r0, 0x0, &(0x7f0000000080)="a764f9d0fae45a460b0723e15be889a0b90689234c947e6492da720b393a03ee81318b7488581a6b3356bb9f03eab1789b126643c471d261541683fcf175eaacabf376fd46332be430d89b4f3283d96610f36dd67c04b25344cc6f2176bf4f4ed101cd4aa7d321260301ba512022dbc254c08717fa3d18bd70951a699317b870302a699a912f465dda739d38f85697779c5c830212ac762dec1393672d587e93") tkill(r1, 0x1000000000015) ioctl$TIOCLINUX5(r3, 0x541c, &(0x7f0000000040)={0x5, 0x8, 0x7, 0x0, 0x3}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r3, 0xc0385720, &(0x7f00000002c0)={0x1, {r4, r5+30000000}, 0x6, 0xfffffffffffffffc}) 19:00:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 19:00:51 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:51 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x9e00) 19:00:51 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000080)=0x0) timer_create(0x4, &(0x7f00000000c0)={0x0, 0x31, 0x1, @tid=r1}, &(0x7f0000000100)) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r2, 0x1000000000015) 19:00:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd9010000) 19:00:51 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xb00000000000000) 19:00:51 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x15000000) 19:00:52 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:54 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000680)='/selinux/load\x00', 0x2, 0x0) pwritev(r3, &(0x7f0000002800)=[{&(0x7f0000000540)="ae", 0x1}], 0x1, 0x3) timer_create(0x0, &(0x7f0000000000)={0x0, 0x10012}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:54 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0000082) 19:00:54 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x80000000, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) ptrace$pokeuser(0x6, r1, 0x10001, 0x8) timer_settime(r3, 0x1, &(0x7f00000000c0)={{0x0, 0x1c9c380}, {0x77359400}}, &(0x7f0000000100)) tkill(r1, 0x1000000000015) connect$bt_sco(r4, &(0x7f0000000080)={0x1f, {0x5, 0x3ff, 0x5, 0x9, 0xa1fd, 0x400000000}}, 0x8) 19:00:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x13000000) 19:00:54 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:54 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1b00) 19:00:54 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1c00000000000000) 19:00:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 19:00:55 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:57 executing program 1: r0 = msgget$private(0x0, 0x200) fstat(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f0000000100)=[0xffffffffffffffff]) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000001c0), &(0x7f0000000300)=0x0, &(0x7f0000000340)) r5 = gettid() ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000380)=0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f00000003c0)={{0x2, r1, r2, r3, r4, 0x20, 0x1}, 0x1, 0xce, 0x80000000, 0x7, 0x8000, 0x894e, r5, r6}) r7 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = gettid() r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r9, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r7, r9) tkill(r8, 0x1000000000015) 19:00:57 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1400000000000000) 19:00:57 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x0, 0x0) ioctl$SG_GET_PACK_ID(r3, 0x227c, &(0x7f0000000180)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, &(0x7f00000000c0)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:57 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x15) 19:00:57 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:57 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000080)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) syz_open_procfs$namespace(r1, &(0x7f00000000c0)='ns/net\x00') tkill(r1, 0x1000000000015) 19:00:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa010000) 19:00:58 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x300000002000000) 19:00:58 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() timer_create(0x6, &(0x7f0000000180)={0x0, 0x0, 0x6, @thr={&(0x7f0000000080)="6f7c016805f3a59f3c4033d6f2011c92da494f88", &(0x7f00000000c0)="918b86fca402fee720f0817a49152ac5908bc585c90e77b13ace277ee65aa54481bb9cc17454b4dd4002d158438a41f4435fe743b87530eb360033a566f78e8bf8fb9dcc060eb885d30bda3b4297"}}, &(0x7f00000001c0)) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socket$inet6_udplite(0xa, 0x2, 0x88) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:00:58 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:58 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:00:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x3e8) 19:01:01 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) getsockopt$bt_l2cap_L2CAP_CONNINFO(r2, 0x6, 0x2, &(0x7f0000000300), &(0x7f0000000340)=0x6) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0000081) 19:01:01 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) ioctl$TIOCCONS(r3, 0x541d) tkill(r1, 0x1000000000015) 19:01:01 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xa) 19:01:01 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1e) 19:01:01 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:01 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) getresuid(&(0x7f0000000080)=0x0, &(0x7f00000000c0), &(0x7f0000000100)) setuid(r2) tkill(0x0, 0x1000000000015) 19:01:01 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0011022) 19:01:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1700000000000000) 19:01:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x5) 19:01:02 executing program 3: r0 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0xb0, 0x10080) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000280)=""/229) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x180, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f00000000c0)=0x7) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r1, r4) tkill(r3, 0x1000000000015) 19:01:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80000) 19:01:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 19:01:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x2e000000) 19:01:02 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = open(&(0x7f0000000080)='./file0\x00', 0x42, 0xd0) ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1) write$P9_RFSYNC(r3, &(0x7f00000000c0)={0x7, 0x33, 0x2}, 0x7) read(r2, &(0x7f0000000140)=""/43, 0x2b) keyctl$session_to_parent(0x12) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000000100)={0x2, 0x101, 0x2, 0x4, 0x4}) 19:01:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3a00) 19:01:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x300) 19:01:02 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1100) 19:01:02 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 3: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000280)) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000000a004e20050000df0e1b915d1201013b00fe8000000000000000001000000000aa00000000000000000000000000000000006c5c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000020000000a004e236551000000000000000000000000000000000001060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000e59af5c05d47d46ecd66d73df9ff46995a28336af80e270000000000000000000000000a004e2181000000fe80000000978cd9c716b1ca1cf8724900000000000000000000000000000000000000009e1f69400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x190) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000500)={0xffffffffffffffff}, 0x106, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000580)={0x1, 0x10, 0xfa00, {&(0x7f00000004c0), r2}}, 0x18) r3 = gettid() r4 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x1, 0x10000) write$USERIO_CMD_SET_PORT_TYPE(r4, &(0x7f00000000c0)={0x1, 0x100000001}, 0x2) read(0xffffffffffffffff, &(0x7f0000000000)=""/43, 0x2b) timer_create(0x0, &(0x7f0000001640)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000001600)={&(0x7f0000000600)=""/4096, 0x6000, 0x1000, 0x7}, 0x18) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f00000005c0)={0x3f, 0x4, 0x8}) dup2(r1, 0xffffffffffffffff) tkill(r3, 0x1000000000015) prctl$seccomp(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x2a1, 0xfc2, 0x0, 0x1}]}) 19:01:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x3, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:02 executing program 1: r0 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x8, 0x0) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000280)=0x4) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r1, r3) tkill(r2, 0x1000000000015) 19:01:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7b01) 19:01:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) 19:01:03 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:03 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x2, 0x0, 0x2}, 0x10}}, 0x0) 19:01:03 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x3, 0xc800) ioctl$BLKIOOPT(r3, 0x1279, &(0x7f00000000c0)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) getsockopt$sock_buf(r4, 0x1, 0x3b, &(0x7f0000000100)=""/2, &(0x7f0000000180)=0x2) tkill(r1, 0x1000000000015) 19:01:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4f) 19:01:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x8004000000000000) 19:01:03 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x3, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) [ 476.399060] audit: type=1326 audit(1537556463.546:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=18932 comm="syz-executor3" exe="/root/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457679 code=0x0 19:01:03 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000080)={0x7, 0xffffffffffffffe0, 0xfffffffffffffff8}) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:03 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x9, 0x0, 0x2}, 0x10}}, 0x0) 19:01:03 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) tkill(r1, 0xd) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 19:01:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe000000) 19:01:03 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x34000, 0x0, 0x2}, 0x10}}, 0x0) [ 476.503227] audit: type=1326 audit(1537556463.646:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=18932 comm="syz-executor3" exe="/root/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457679 code=0x0 19:01:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1a00) 19:01:03 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x100000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) 19:01:03 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x40030000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3400) 19:01:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000) 19:01:04 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000080)={0x1, 0xc12f}, 0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:04 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x400000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:04 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x400000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xc00000000000000) 19:01:04 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) flistxattr(r0, &(0x7f00000002c0)=""/151, 0x97) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3) r4 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x8f43, 0x80) bind$nfc_llcp(r4, &(0x7f00000000c0)={0x27, 0x0, 0x0, 0x7, 0x80, 0x8, "c660f060fc967b9862831311e2b5d2f1a58e15c9513742198eeb26d29958bcdde73d11b6008d4a696ccb3b9769ef93b19baaeec7e26c8dca4264763db97abd", 0x7}, 0x60) ioctl$SCSI_IOCTL_PROBE_HOST(r3, 0x5385, &(0x7f0000000180)=ANY=[@ANYBLOB="6900000000000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000fe4e850000000000000000000000000009266a4ad4ea1f3a9b2cb29616ada569000000000000000000000000080000000000000000000000"]) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{r5, r6+30000000}, {0x77359400}}, &(0x7f0000040000)) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r4, 0xc0105303, &(0x7f0000000380)={0x8, 0x81, 0x5}) dup2(r1, r3) tkill(r2, 0x20) 19:01:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x11e) 19:01:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1d00000000000000) 19:01:04 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x2000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:04 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x900000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xf00) 19:01:04 executing program 1: socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) fcntl$getflags(r0, 0x401) r1 = msgget$private(0x0, 0x0) msgctl$MSG_INFO(r1, 0xc, &(0x7f0000000080)=""/135) r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x2, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000000280)) dup2(r2, r4) tkill(r3, 0x1000000000015) 19:01:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) 19:01:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x900, 0x0, 0x2}, 0x10}}, 0x0) 19:01:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x9000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa01) 19:01:05 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) migrate_pages(r1, 0x6, &(0x7f0000000080)=0x4, &(0x7f00000000c0)=0x7fff) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:05 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x3, 0x800) tkill(r1, 0x1000000000015) 19:01:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x400300, 0x0, 0x2}, 0x10}}, 0x0) 19:01:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0xffffff7f00000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x500) 19:01:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x6) 19:01:05 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x40000, 0x0) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xd) 19:01:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 19:01:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x900000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x3f000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:05 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) sendfile(r0, r3, 0x0, 0x6) 19:01:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x4, 0x0, 0x2}, 0x10}}, 0x0) 19:01:06 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) io_setup(0xfffffffffffffffb, &(0x7f00000001c0)) ioctl$KDGETLED(r3, 0x4b31, &(0x7f00000000c0)) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) syz_extract_tcp_res$synack(&(0x7f0000000280)={0x41424344}, 0x1, 0x0) syz_extract_tcp_res(&(0x7f0000000300)={0x41424344, 0x41424344}, 0x0, 0xffffffff80000001) syz_emit_ethernet(0x13e, &(0x7f0000000340)={@remote, @remote, [], {@ipv6={0x86dd, {0x2, 0x6, "0cdc15", 0x108, 0x2f, 0x7, @dev={0xfe, 0x80, [], 0x19}, @ipv4={[], [], @broadcast}, {[@dstopts={0x21, 0x7, [], [@generic={0x8, 0x1f, "0a6d8a3f0fd181121ae0e2d8e507a8742c2e7e13c1ca5383a30c4d384e5617"}, @hao={0xc9, 0x10, @ipv4={[], [], @rand_addr=0x3}}, @enc_lim={0x4, 0x1, 0x7}, @jumbo={0xc2, 0x4, 0x1}]}], @tcp={{0x4e22, 0x4e21, r5, r6, 0x2, 0x0, 0x8, 0x4, 0x3, 0x0, 0x59, {[@timestamp={0x8, 0xa, 0x1, 0x4}]}}, {"099c709d6c0982e45b7c35ee5c0e51945bfd6f6964fe79cec0e2990e0a683786784257b4469d056072a71a4975ab9d7d7851254aa33e52eb4132d898865f051381fae6219baf682188b5feb9853bd7061006793beda2fea25044148a2a571204d7dde1e1b4f7979af24d821acf7d1e783bae570e774c73ec1d493cf866e4e8d190c162c38da362d240b680bb39dd1bbbcf8b98d5a17762f6bf1592a3f0cc13b7"}}}}}}}, &(0x7f0000000480)={0x0, 0x4, [0x4f0, 0xfb6, 0x130, 0x742]}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}}, &(0x7f00000002c0)) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r4, 0x84, 0x16, &(0x7f0000000100)={0x2, [0x8, 0x7]}, &(0x7f0000000180)=0x8) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0xffffff7f, 0x0, 0x2}, 0x10}}, 0x0) 19:01:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1600000000000000) 19:01:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc1000000) 19:01:06 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair(0x4, 0x2, 0x9808, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000440)={{{@in=@dev, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000140)=0xe8) lstat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresuid(&(0x7f0000000600)=0x0, &(0x7f0000000640)=0x0, &(0x7f0000000680)=0x0) lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000780)={{{@in6=@ipv4={[], [], @remote}, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f0000000880)=0xe8) r13 = getgid() timer_create(0x4, &(0x7f00000013c0)={0x0, 0x16, 0x2, @thr={&(0x7f0000001280)="52b0165f169d18c191859671bfafe9749c3ed93d6aa440efbfb127846513d3d8c25a6164a220243f4660dc3b07572c1f8960e7c3cd862599dfcf6c9d802cd6e7959b2f6df98731685a5a18b33dacab9c2b2b99ef83be271000c8b9c6c5da3bb1eb8f60dcef4c7141b6dd616f6b3df20a7f6d38b2364a9625bdc692ad553ba271a1093c8ec32bbc4018f0a174d479956d1106a8de094383dd3f1ae797952d369ad4ad73ca4f15c6bda96affb30e6fead2291e6ec4c8dc4b950c5cd1c4cc37", &(0x7f0000001340)="a6cc980b6d04f0c2b1982010146e27dc08ccd5cd26b093e6acb0b48887a294cbc8ce97a4b5055e5d330c0cd05d335130a4a3d81266156c3e7c728a32efb6564c8e591300ef1e68e650d88a66a8e8a92af2589911fe7c6d92a33ba24860ff2079646fc02e47fcdf3ab5d171c4f3d32cb5086f"}}, &(0x7f0000001400)) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000e80)={0x3f8, 0x0, 0x3, [{{0x1, 0x3, 0xd9be, 0x2, 0x4, 0x7, {0x5, 0x7fffffff, 0x1000, 0xfffffffffffffff8, 0x7f, 0x8a0, 0x1ff, 0x9, 0x400, 0x1fffe, 0x100000000, r9, r13, 0x6, 0x6}}, {0x6, 0x1, 0x1f, 0xdb, ':posix_acl_accessnodev\\trusted*'}}, {{0x6, 0x0, 0x4, 0x5, 0xbcbc, 0xff, {0x5, 0x20, 0x5, 0x7, 0x1, 0x1f, 0xac, 0x101, 0x3, 0xffff, 0x68, r5, r13, 0x8}}, {0x4, 0x7, 0xa, 0x9, '127.0.0.1\x00'}}, {{0x5, 0x3, 0x200, 0x9, 0x8, 0xff, {0x4, 0x9, 0xfffffffffffffffd, 0x800, 0xcbcc, 0x7, 0x3, 0x14, 0x2, 0x7, 0x4, r7, r11, 0x0, 0x12}}, {0x3, 0x76db, 0x9, 0x3f34, 'mime_type'}}, {{0x5, 0x1, 0x800, 0x8, 0x10000, 0x80, {0x3, 0x2, 0x2, 0x1000, 0x1, 0x4, 0x1000, 0x1000000010000, 0x5, 0xb7, 0x7, r9, r13, 0xfffffffffffffffd, 0x4}}, {0x2, 0xfffffffeffffffff, 0x2, 0x2, 'rq'}}, {{0x0, 0x0, 0xc42, 0x2, 0xb3, 0x4, {0x1, 0x3, 0x4, 0x0, 0x6, 0x1, 0x5, 0x3d0, 0xe3, 0x1000, 0x3, r10, r6, 0x3, 0x1f}}, {0x1, 0x2, 0x8, 0x2, 'nodevmap'}}, {{0x3, 0x1, 0x82, 0x7f, 0x2, 0x8001, {0x6, 0x6, 0x1, 0x0, 0x4, 0xda, 0xfffffffffffffd2d, 0x40, 0x7, 0x401, 0x3, r9, r11, 0x2, 0x400}}, {0x0, 0x100000001, 0x3, 0x8, '9p\x00'}}]}, 0x3f8) stat(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000a40)={0x2b8, 0x0, 0x3, [{{0x3, 0x2, 0x5, 0x100000001, 0xc831, 0x70, {0x0, 0x5, 0xd6a, 0xf1, 0x3, 0x80000000, 0x0, 0x3f, 0x9c2800000000000, 0x1, 0xcb, r4, r6, 0xa91d, 0x5}}, {0x4, 0x20000000000, 0x16, 0x8, 'trusted.overlay.nlink\x00'}}, {{0x4, 0x2, 0xff, 0x9, 0x5, 0x1f, {0x3, 0x3, 0x4, 0x4, 0x0, 0x20, 0x4, 0x2, 0x4, 0x10001, 0xfffffffffffff800, r7, r11, 0x7}}, {0x2, 0x1, 0xa, 0x8, 'ppp1:bdev^'}}, {{0x2, 0x2, 0xfff, 0x8, 0x7f, 0x8, {0x1, 0x6, 0x6, 0x80000001, 0x3, 0x100000001, 0x5, 0xfffffffffffff801, 0xb3fe, 0x3, 0xa18, r12, r13, 0xfff, 0x401}}, {0x0, 0xa3, 0x15, 0x0, '\\.GPL\'-vmnet0vboxnet1'}}, {{0x5, 0x3, 0xffffffff, 0xaf, 0x401, 0x3000000000000000, {0x0, 0x100000000, 0x7, 0x7, 0x2, 0x6, 0xffff, 0x20, 0x9, 0x10001, 0x1, r14, r15, 0x4, 0x7}}, {0x5, 0xc56, 0x8, 0x2, '}trusted'}}]}, 0x2b8) r16 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r16, &(0x7f0000000400)=""/43, 0x2b) timer_create(0x0, &(0x7f0000001480)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r17 = dup2(r0, r16) setxattr$trusted_overlay_nlink(&(0x7f00000003c0)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'L-', 0x3}, 0x28, 0x1) tkill(r1, 0x1000000000015) mount$9p_rdma(&(0x7f0000000d00)='127.0.0.1\x00', &(0x7f0000000d40)='./file0\x00', &(0x7f0000000d80)='9p\x00', 0x2000, &(0x7f0000000dc0)={'trans=rdma,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@rq={'rq', 0x3d, 0xbfd}}, {@timeout={'timeout', 0x3d, 0x4}}, {@rq={'rq', 0x3d, 0x401}}, {@common=@nodevmap='nodevmap'}, {@common=@access_uid={'access', 0x3d, r8}}, {@sq={'sq', 0x3d, 0x7}}, {@sq={'sq', 0x3d, 0x90}}]}}) write$P9_RWSTAT(r17, &(0x7f0000001440)={0x7, 0x7f, 0x2}, 0x7) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r17, 0xc10c5541, &(0x7f0000000280)={0x8000, 0x63d4, 0x200, 0x0, 0x0, [], [], [], 0x7, 0x6000000000000}) getsockname$inet(r17, &(0x7f0000000180)={0x2, 0x0, @remote}, &(0x7f00000001c0)=0x10) 19:01:06 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x3f00, 0x0, 0x2}, 0x10}}, 0x0) 19:01:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1c00000000000000) 19:01:06 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x4000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1b00) 19:01:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x4000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:06 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x10000, 0x0) ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f00000000c0)=0x1) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0xc0, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xdf}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xa}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2e, 0x25}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000000}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40000}, 0x5) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000280)={0x6068, 0x6, 0x34e6, 'queue1\x00', 0x8000}) dup2(r0, r3) tkill(r2, 0x1000000000015) 19:01:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000) 19:01:09 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r2, r0) sched_getscheduler(r1) tkill(r1, 0x1000000000015) 19:01:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1700) 19:01:09 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) getpgrp(r1) tkill(r1, 0x1000000000015) 19:01:09 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x40030000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1600) 19:01:09 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x9000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:09 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x3f00000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:09 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x200000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) 19:01:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x40000108) 19:01:09 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0xffffff7f, 0x0, 0x2}, 0x10}}, 0x0) 19:01:09 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x34000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:10 executing program 3: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) r1 = accept$unix(0xffffffffffffff9c, &(0x7f00000000c0)=@abs, &(0x7f0000000180)=0x6e) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0)={0x40000002}) r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r2, r4) tkill(r3, 0x1000000000015) 19:01:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xf) 19:01:12 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000080)={0x30, 0x5, 0x0, {0x0, 0x5, 0x3dd, 0x12d8c671}}, 0x30) 19:01:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x820000c000000000) 19:01:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x9, 0x0, 0x2}, 0x10}}, 0x0) 19:01:12 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x4, 0x0, 0x2}, 0x10}}, 0x0) 19:01:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1400) 19:01:12 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0xffffff7f00000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:12 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x100000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1900) 19:01:12 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd901000000000000) 19:01:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x200000000000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x7) 19:01:12 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x400300, 0x0, 0x2}, 0x10}}, 0x0) 19:01:12 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000080)={{r3, r4+30000000}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x400101c0) 19:01:13 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x1000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:13 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f000006b000)={{0x0, 0x989680}}, &(0x7f0000000080)) dup2(r0, r2) tkill(r1, 0x1000000000015) getpgrp(r1) 19:01:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x2) 19:01:13 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x1000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8501) 19:01:13 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x2000000, 0x0, 0x2}, 0x10}}, 0x0) 19:01:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1b) 19:01:13 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x400300, 0x2}, 0x10}}, 0x0) 19:01:13 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x900, 0x0, 0x2}, 0x10}}, 0x0) 19:01:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xe0060000) 19:01:16 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x7f, 0x80000) ioctl$EVIOCGABS20(r3, 0x80184560, &(0x7f0000000280)=""/244) r4 = dup2(r0, r2) bind$llc(r4, &(0x7f00000000c0)={0x1a, 0x33d, 0x800, 0x7, 0x2, 0xd93, @remote}, 0x10) tkill(r1, 0x1000000000015) 19:01:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x19) 19:01:16 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x100000000000000, 0x2}, 0x10}}, 0x0) 19:01:16 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x2, 0x0, 0x2}, 0x10}}, 0x0) 19:01:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x36000000) 19:01:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 19:01:16 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x400000000000000, 0x2}, 0x10}}, 0x0) 19:01:16 executing program 3: r0 = getpid() r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) r4 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x7f, 0x0) ioctl$TUNATTACHFILTER(r4, 0x401054d5, &(0x7f0000000180)={0x2, &(0x7f0000000100)=[{0x6, 0x4f9, 0x4, 0x2}, {0x4, 0x8, 0x912d}]}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r5 = dup2(r1, r3) tkill(r2, 0x1000000000015) ioctl$VT_GETSTATE(r5, 0x5603, &(0x7f0000000080)={0x8, 0x1, 0x7}) syz_init_net_socket$llc(0x1a, 0x2, 0x0) 19:01:16 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) 19:01:16 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xa000000) 19:01:16 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x3f00, 0x2}, 0x10}}, 0x0) 19:01:16 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x900, 0x2}, 0x10}}, 0x0) 19:01:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xff02) 19:01:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x13) 19:01:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x9, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x2, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x8000, 0x0) ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0x4) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) setsockopt(r2, 0xfffffffffffffffd, 0x7ff, &(0x7f0000000080)="79b3e9b673c017574c8784956af49282f74ecd7c5e3ceadee0012bb7f6cc442bfdf48e79ae48f0e0c3e6afa8daed23aa6402af58dd3b6140a5b14281ac8aa2d8cece7b0f191230c205ea30ded710966313579f71ae3596039187bbe10c13bf185b", 0x61) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0xfff, @mcast2, 0x7}, @in={0x2, 0x4e22, @local}, @in6={0xa, 0x4e21, 0x3f, @mcast1, 0x6}, @in={0x2, 0x4e22, @rand_addr=0x7ff}, @in={0x2, 0x4e24}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, @in={0x2, 0x4e20, @remote}, @in6={0xa, 0x4e22, 0x0, @mcast1, 0xfff}], 0xa4) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x26) 19:01:17 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x40030000000000, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) 19:01:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x200000000000000, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f00000000c0), &(0x7f0000000100)=0x4) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:17 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f000006b000)={{0x77359400}}, &(0x7f0000000100)) dup2(r0, r2) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)) tkill(r1, 0x1000000000015) 19:01:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc00) 19:01:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1c000000) 19:01:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xbff) 19:01:17 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x400000000000000, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x1000000, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 1: r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000400)='/selinux/mls\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r2 = gettid() clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) clock_settime(0x7, &(0x7f00000000c0)={r3, r4+10000000}) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r5, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) r6 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x80, 0x10000) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000180)={0x1, 0x5, 0xa, 0xf117, 0x7, 0x54f, 0x5, 0x2, 0x0}, &(0x7f00000001c0)=0x20) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000280)={r7, 0x5, 0x20, 0x9, 0xffffffffffffffc7}, &(0x7f00000002c0)=0x18) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) getsockname$unix(r0, &(0x7f0000000440)=@abs, &(0x7f00000004c0)=0x6e) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000300)={r7, @in={{0x2, 0x4e21, @remote}}, 0x0, 0x884, 0x2, 0x6d, 0x12}, &(0x7f00000003c0)=0x98) dup2(r1, r5) tkill(r2, 0x1000000000015) 19:01:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x16000000) 19:01:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x9000000, 0x2}, 0x10}}, 0x0) 19:01:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3e) 19:01:17 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x9000000, 0x2}, 0x10}}, 0x0) 19:01:18 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0xffffff7f, 0x2}, 0x10}}, 0x0) 19:01:20 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f00000000c0)) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) rt_tgsigqueueinfo(r1, r1, 0x1c, &(0x7f0000000080)={0x24, 0x3a18, 0x80000001, 0x1}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:20 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x2000000, 0x2}, 0x10}}, 0x0) 19:01:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1a00) 19:01:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x2a1001c0) 19:01:20 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x34000, 0x2}, 0x10}}, 0x0) 19:01:20 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) sendto$llc(r0, &(0x7f0000000080)="0684b09ee0949e34f9d38cc8d4375c5ceba4fdac07ee830f2710befd1fd6b595335e9922a4a940a9568dca25b6d8c3b8ac87ab2c6826e762db029440784419d8f32dc4910a0188dff0270ca0e630a8ffdd26b94ebf159cca29a2948c8edc2646ea5bbefae07054a910c3bb35a6ed852324", 0x71, 0x20000000, &(0x7f0000000100)={0x1a, 0x33d, 0x9b, 0x0, 0xfff, 0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x5}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e22, @local}}, 0x8, 0x9, 0x5, 0x8, 0x80}, &(0x7f0000000340)=0x98) getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000380)={r4, 0x1, 0x1, 0x3, 0xaf, 0x1, 0x2, 0x0, {r5, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1b}}}, 0xffffffffffffffec, 0xa00000000, 0x9, 0x3f, 0xff}}, &(0x7f0000000440)=0xb0) 19:01:21 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x1c0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e20, 0x0, @mcast2, 0x77}}, [0x65b, 0xfffffffffffffffa, 0x4, 0x8000, 0x5, 0x252, 0x5, 0x8000, 0x2, 0x6, 0x6, 0x8, 0x1, 0x5, 0x10000]}, &(0x7f00000000c0)=0x100) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={r2, 0x2, 0x30}, 0xc) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r4) tkill(r3, 0x1000000000015) 19:01:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xc00) 19:01:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0xffffff7f00000000, 0x2}, 0x10}}, 0x0) 19:01:21 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0xffffff7f, 0x2}, 0x10}}, 0x0) 19:01:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8601) 19:01:21 executing program 1: r0 = syz_open_dev$adsp(&(0x7f00000004c0)='/dev/adsp#\x00', 0x6, 0x2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000500)={0x0, 0x800}, &(0x7f0000000540)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={r1, 0x2}, &(0x7f00000005c0)=0x8) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() migrate_pages(r2, 0xffff, &(0x7f0000000280), &(0x7f00000002c0)=0x1) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r4 = dup3(r3, r3, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r4, &(0x7f0000000080)={0x2, 0x1}, 0x2) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000380)={0x0, @in6={{0xa, 0x4e22, 0x5, @empty, 0x3}}, 0x1, 0x2, 0x0, 0xfffffffffffffffc}, &(0x7f0000000440)=0x98) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000480)={r5}, 0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r6 = dup2(r3, r3) tkill(r2, 0x1000000000015) ioctl$PIO_SCRNMAP(r6, 0x4b41, &(0x7f0000000600)="9e22fff727a544200a37cef8930d9eea72649765597ba7d434726999eff65352983ca0787f337caab28203ac1b5dd5464176176dad9bc269850b39a65f81960bdf9d54e0a752cfd96e9397eed2a4101a4bd7282332729d20a6fca39de3f463a0ea635b1901c1241f7bd1881303fda8049f1772796f8495c6c398bd86081f32eda1708c4dfc6e8154f52238d93f8f5582b2b9b963a6c64ffe1684f92e3f8f455040f8be59d14c50b2ba97977a97cdd025206dc4df4e1d437a685839c84c0da6bcfcbec329dd366a389cf8a10284b7ae077710e1c02ad54b5d9942f1f488a6f457b2") ioctl$DRM_IOCTL_AGP_ALLOC(r3, 0xc0206434, &(0x7f00000000c0)={0x1, 0x0, 0x10001, 0x1}) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000180)='trusted.overlay.redirect\x00', &(0x7f00000001c0)='./file0\x00', 0x8, 0x2) write$P9_RXATTRCREATE(r4, &(0x7f0000000300)={0x7, 0x21, 0x2}, 0x7) ioctl$DRM_IOCTL_AGP_UNBIND(r6, 0x40106437, &(0x7f0000000100)={r7, 0xffffffff}) ioctl$PPPIOCGMRU(r4, 0x80047453, &(0x7f0000000340)) 19:01:21 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) getsockname(r2, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000100)=0x80) setsockopt$inet6_int(r3, 0x29, 0x3e, &(0x7f0000000180)=0xfffffffffffffff9, 0x4) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x800000000000000) 19:01:21 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x4, 0x2}, 0x10}}, 0x0) 19:01:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x900000000000000, 0x2}, 0x10}}, 0x0) 19:01:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd) 19:01:21 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x9, 0x2}, 0x10}}, 0x0) 19:01:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) 19:01:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x40030000000000, 0x2}, 0x10}}, 0x0) 19:01:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0010015) 19:01:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 19:01:21 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x900000000000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = msgget$private(0x0, 0x1) r4 = getuid() getgroups(0x6, &(0x7f0000000080)=[0x0, 0xee00, 0xee01, 0xee00, 0x0, 0xffffffffffffffff]) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000280)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f00000000c0)=0xe8) r8 = getegid() msgctl$IPC_SET(r3, 0x1, &(0x7f0000000180)={{0x9bd, r4, r5, r7, r8, 0x20, 0x6}, 0xca71, 0xf00, 0x1f9f, 0x550, 0x4800, 0x6, r1, r1}) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r9 = dup2(r0, r2) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000100)={0x1ff, 0xb76, 0xab, 0x1, 0xc6f}) tkill(r1, 0x1000000000015) write$P9_RGETATTR(r9, &(0x7f0000000380)={0xa0, 0x19, 0x1, {0x516, {0x9, 0x1, 0x2}, 0x11, r7, r6, 0x6, 0x3, 0x9, 0x6, 0x4, 0xded3, 0xc57, 0x81, 0xfffffffffffffffb, 0x3f, 0x9, 0x9, 0x400, 0xffff, 0x5}}, 0xa0) 19:01:22 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x4000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x14000000) 19:01:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x1000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7601000000000000) 19:01:22 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x17, 0xfffffffffffffffc, @tid=r1}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x80000, 0x0) ioctl$VHOST_SET_VRING_NUM(r3, 0x4008af10, &(0x7f0000000080)={0x0, 0x488}) dup2(r0, r0) tkill(r1, 0x1000000000015) alarm(0x4) 19:01:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x4000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xb00) 19:01:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xf3ffffff) 19:01:22 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x2000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000080)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x200000000000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x4, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb0000040) 19:01:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xa00) 19:01:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0xffffff7f00000000, 0x2}, 0x10}}, 0x0) 19:01:22 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x2, 0x2}, 0x10}}, 0x0) [ 495.744365] Unknown ioctl 1074310928 19:01:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1800000000000000) 19:01:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x26000000) 19:01:25 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x3}, 0x10}}, 0x0) 19:01:25 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x900, 0x2}, 0x10}}, 0x0) 19:01:25 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1d) 19:01:25 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x4, 0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) utimensat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)={{r3, r4/1000+10000}, {0x77359400}}, 0x100) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r5, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r5) tkill(r1, 0x1000000000015) 19:01:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xf7e20ded7f0000) 19:01:25 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000640)={0x0}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f00000006c0)={r4, 0x6, 0x3, 0x1}, &(0x7f0000000700)=0x10) read(r2, &(0x7f0000000140)=""/43, 0x2b) r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x40, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x1cb, 0x24d}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000180)={r6, 0x6}, &(0x7f00000001c0)=0x8) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:25 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0xffffff7f}, 0x10}}, 0x0) 19:01:25 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x34000, 0x2}, 0x10}}, 0x0) 19:01:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4001000000000000) 19:01:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) 19:01:26 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x3f00000000000000, 0x2}, 0x10}}, 0x0) 19:01:26 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) sendto$inet(r3, &(0x7f00000000c0)="10a17c300e0f7472484480d3e7e2a17bbc8099cc89c89124d958ad368febf10117bf81e9060d8e339dfa6ff088cc", 0x2e, 0x40050, &(0x7f0000000100)={0x2, 0x4e21, @remote}, 0x10) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:26 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x1000000}, 0x10}}, 0x0) 19:01:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd004000000000000) 19:01:26 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x100000000000000, 0x2}, 0x10}}, 0x0) 19:01:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x10000000) 19:01:26 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_open_dev$amidi(&(0x7f0000000300)='/dev/amidi#\x00', 0x48, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001540)={{{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6}}, &(0x7f0000001640)=0xe8) r4 = getgid() r5 = geteuid() getgroups(0x6, &(0x7f0000001680)=[0xee00, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xee00]) getresuid(&(0x7f00000016c0), &(0x7f0000001700), &(0x7f0000001740)=0x0) r8 = getgid() r9 = getuid() stat(&(0x7f0000001780)='./file0\x00', &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000001840)={{{@in=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@local}}, &(0x7f0000001940)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001980)={0x0, 0x0, 0x0}, &(0x7f00000019c0)=0xc) sendmsg$netlink(r2, &(0x7f0000001b40)={&(0x7f0000000340)=@kern={0x10, 0x0, 0x0, 0x80000400}, 0xc, &(0x7f0000001500)=[{&(0x7f0000000380)={0x1010, 0x28, 0x200, 0x70bd2c, 0x25dfdbfc, "", [@generic="877ea1a534a1dbee528439d0b6cc897ff0a247e35aa77aaa60ec6bf16375bbb0ec77793e759fe320537e7fc986710e5901f77d1bc92c115b011d5e34d047d5fb723b894d522adeda58e582a85c514c3f5abefe1f02d8922fd545d5c9feb73087b68493149da99ce13e7e7580dabfe1c5cfacde0c62b9b316fd462d978d63f2e3fc916b24ef4cd55d0d3a3966e93fd24751da789edf62b2ad8fb2c1d77632c2f7d523fce8354a2192bcf788b036d9d66182d9c61a77c1aec1566794c9e485aad8e63c81900010edc3b4449c251a34bd2c706920486e3280fe011ec73eb69b85dcba0a416091e76f338888cc7a36ef9489b90d3e5b40d7d00621721511cdb2f24afd6432fb0d54192d1c4d283334204b9bdaa720a9615c900155db8dabc28616bd1eb51ea53983f0fd820c084b02428d6019c17cb0dc8ccdf3c2cfaf8dd8fae3569e81cb65fd6ba7cddb9beae7fc616caf531f711939432cf69ad9ce89b6ea85ea39c9af87eb20eafbfda6bdbc86392555ed2e8997d52fc36112f661804ac5fc8284c5e588c9e2b89bfd11582c5474e2355846fd618dd257994c0d91a4ab261c41625fbde22f78d18357349e57142634d562f98b61f2f7f97ba380de321e2c68ec6883faf2b0959d6bdaba607d2fc306da46812917033b968885a88f13f78966d4b155a3357e920a8a54faaf0f74f8d9de53d321c576432a088d4ea0017ecd3fed39dc2dc82c4a7bce80f31dbea6f4102d7ed0b18083007b7974124eb490f0c6cc13c12863ef07b06c7d175e72876120ff1e42039eb89a35d99ae9807765086c77327fed3ecb080044294f28e3429ecb3c8307e6f03f76284e8b0966fcab2643f32df5c5a6ba14327e7ad3aa84553f69768c81ad092e65cb4ae76898203241e912cd666cff37b85016df92c0e7f1581efe7a02e0aeb5da3dbab95b452873296f5571e2944f8b6cadaf7fcfb6edf6f86576ff617ebfbac1a7a6c82cfe9c0e45adea5af50d290b8fd838fa1901b9f100f23799468f5dab64ac9ab10751ede121a6036cb1a61863d999a4c3be0e7953c9d0b7af2af38397313f993c16d1254237f0af0150bb571097d5e7ff16fed7db542ec2c600f7a58adb0bd13515bc014351cdf769ff61b29070c42fbd103868e94d1c3636330a96956f06b18b4555150e0c3edb0a60a2958627cebe626764b766f992258470db2d159c0f22b63f60f59535e9c9a0b502f34459a3459bb33d9a1df6c21d9b4e9e26034a168859077f6c0b6bfd882baa26e68d1e634d57f0b49a63bfa102d34a17498c05ac12e68e1f98e2d5afbc804568de195ca81956a3434189dfd8c274e3fccd93b86247884d586cd87be29f3fafe86ae0a5bda54d86e984d5349b9a19e48de358cff0eb2f5b994b7eed8277fd7ecf593f6400a9ab0934a561c357ff49691233ebba72e5b25463baa06f0a33166d0d23fb69b496cdda6de64c760c52a88cb2ae4e0a137968de481c0343419746c1f2a83a2747e68b9592ecc54a2b1378931664ed26f949d84d242ff14f22ce8cd96888299ffa5bab3a55ca0ee8ea91ae2c2519d8b1305c0c0269e284a6e7cc02b2390778916a8f15d4fd07eaa662679a513585f4bfd21857ea68ce8ae3c2d5dfc3b18d2eb3b7939fb87a07ce2b6a1bca2e48df81c2f8fe36d86719a3cf36d382c088e3528d49d6620f716237ad1132c46636a85542ab3323bca0ee68cdd306b83a89b7e2c536dc1b32d2adac42f16e20ecb916d0abf0a50de6a71bc5be46680186e3c49ca9e6d07def438ba49debfc79de2d84347d1eba05f132a7ced118c8e2deb99ea09869f1b468425ab205e60a94952dc8e5a2107dc3cb777c2bf9616747b6b6be3d26420e9269973a1df57bdbded51f9e0de6c2f8eddc82730e6c4d98c51eab7a3d86cbbc08e7c777f8c206d2f9805c00ba683936717c609701fe97ece26a8336b0ae9830720ada4436b368aeccfa57c3e38462a0a4d2d64058b79dcc67fb03c5f6b8ef90288f53511ca71af808e95946fd356443d9f5cd89140c07757b6dc3cf0750805a669a8fcd1335f5bb445dee9e7f61af0015c20507972077b2e7c6597a01f98746e76056bde42aeb6e5456618d02f84d90e39a9fdd19a9cb1c1847d3463534f94795c1800adb67c11ab218cf6fc948bccd5e9c872561535a6c42e2bc47e1dc96755e4832bb87a6948dabdfab4c5602e0f23f0cd41bd594a526b97cff0d6da2485e04ac504cb0c6947b4bd5990e8d2e11716a2cb516289f6d795aad2f5e030e906e022282e437666c9601d8529734b06c7d116ca167e703f51d3f07a3576a6fff0711df62ac0e0e5040799519d140c427000ebb27dd88784aae6fbfa392eb2a6aed3637bf9b8a84cb16607d60f1ecef02c8de4dbe45a03f76a6d2707282e6f7910f7d2ebfdb71fe9eb5a1a1869c8037ac8c5dcf7c1474fb01f86e7d65672feaf1c4d512caefadf98811041d4b4e3ad411de314f2fe1a1a7ffcb3105e48f40b98cec495ea26d0983c4954b612754092e322f20fcdb24d9113b44db3bfc21fc131f1edcd0febed373861ed2788a12898c10b931fe369a895aac4cc735968e118ddefb2512ba805dc702c5127293cfb95e485544abc7150bf72f96022e9935b874fe8f61adb759b3149ce757873263dc22c8955f34c950b54f2f4f75bb76f2309ea221e554c6536ccd0d89b26ccf89fa7aedc2d3885b8ea6707598f72f5357f883d2b96aa6f544d3035328848f5eb079ad2358cab9abcd08d71c90350bf89d78b7ab0aafa5c4b707a61170262e712deb1f2e028cdec6c1da09eb802024d7374a18671f973713b3c7dca9cef2c54148eb918a9697ab5322a74bc6ef0c08e2420729643a6e84a04c89bb9f08b58b4be1c5a5fc65e117e7b67910f940030f302ea4898898c9b0caef59cfcd7fa1c9d97b83ab1435e0e1d896df4a256ee42cf28c0b11d3f71a88bc1bc575c900a328c299865f1ec296c4efd32928e41b0de6b9c803b2a6dd17c5b5a27ccc11e2afd19d637e74415d2be8d219ad0e80dfc914ce143f729726de91f051f749ddda2e2007cdf51090e12eba6f9be812f4c706b27a3d2c42d9f16e23d40b553becc06d903ee1850af53ce51fbd1de4407cadd6b3ee61bf0a1b257a4c9de234746e1e6888a32c4ee435bd76500cacbafcc45077ca86db9cea263fe1ef8bd5cf2a49641639f618fb711976dabe159b2b118b198d95582c73567fc1cd5647dda77261266d6cf9cf3109f142872cc9418b00627279280e32d956b47a94a1f258b517c69ae289abb0655116e66846c43eea5bc73bfd073108667470e948abd18690685c298b307a2d611cf00447496a5ec2c540fa0687b80352124b67203832f957eebe2f7d353ac2f736e2c6daf3e98fb4b710ec1dabf39a779e921d2d2aa7a68c342c5257542658a04f2bc825142c7aaca496a510c5ae195bd40cb6f4e83acd63ebd7063a9981339b74981e9c3538e00284d1eeef07c6f655839956e99d7870318127d4350917ca83879f7a59449d533263c4e3d9df7ad3cbf0061a113ca4797ac88676bd4653805689adf9c73d7d314645c240936990ee9bcd2a831dd003e89f7e3a0fa8eb46d1da96af4a7a78244fb5c3039632650a7286dd13a1e84ce3d1e89d7088a0ea55f951075941585b62cc62a098e6bfb9c1f5c9cd71ae1e7bf98b1b9329ba013f501c9af00a07959bcd78d1565768316e728157c5565e89e895f41a62cdf68652697ea84f782d7e08eeab09502fc13fad63df4c80cfab76a4e2425e8137b2b6f62777468bd373fe06c187f1b1a2117f4ae1316a74474550e130f2ef75a539ced25e35787a97a27ae3bb64f64706e5edf46285e64151b0e352d8b5ac146680c08d6b456a96e0c53fbcb6267eb260f1e9031d563c1aae7e0c4a95949d0f3ef304e0ad70e45cd234d581d88c8b6e908c2837847fc3307a1b1c9c48d36d320630d1d14a16f8900a10a2daeee8291c2c11c3964d05dcf6bb2997185b59c424e16c1ed6925857bb9a8af1f4f89ecdaceee75326c5f1e478463b30e43131f7ac04ae20b5d1bc66e3434c6c3317259da6adb74f596bc3731ab1d85edc7974eb337dc5d52b3da48b4908dd8a522a21f47cd4461e948442d55cca0dcf7161a3c3cfeb114bea5ec931636637f23be3cd9d25bc34bae7ff8debb6751b1ecf8c51ef4ddb2e42f977424d5a788f8fbb40f2b7306fabc087d5b147c4e2b8dbaddc1353b577831a28b659bcc8082ca3cde18c6dbd00842cb427e2e3fdb40ef0e763425aab04b8460f5cbda668e3d39339c4423833b54eb8b3f90944f012c61c104f3b776375ca26aa6a1ff45b4e1751557c4b573e20f53898c8a09991e7f3ad1b4b206951f0611ada60d08d7b71156e346b8dbc8808bb4b99a95d495dd6acc7956e73665423ab2ea6a71c7a91720e78ae167777baec9818b0a46d8a9166611c701cb7a3d8b555a2962b465922642c51832b2e38eec9b02be09dc4819eeaf0296e2312be64057530738dd64a2e9d2369313ec3445cb6aacb0cdf2896a21184b3ecc7fe60c7dfbe730a049a7ef6be0ab7ec485da847b60d9cb57bce08a4b8017825af5a548426f6fd29057e01c0f261c0c959e6638376b6317e0703d98b747ed1860f400ea570b77b532b6d6eb770b314b16e54f3fdbc83022741c632eeae34b5c32bb3b7dd6c832117e97283db938daad87546837d4962bf89305061460c31692a0b295fbebfe182a3dd33377a5726b06341cad2c942d96537319deb3bf97d5f04c9099dfa7b0d9bf90a8eb91b91ac2e9f22f9e1f6e14be2b2266a4cf5ad8eaac18183a97deabe6a62c69cfe94a1093b0b5845d3d0e979ecef9b073c154cfc44acdcf0531a5ae886bd38f4801b29dbe5210df1beac4c589bf664724e9169ce079a63366f480ad6609dc9460bdaef7eb8cb1164a40d7e2f17dfcd77b430ce1de630613390260d8b38d959061711814354a246a3d629cb448a816cdadacbcdc1d3216d1cb64f95c2a19047396640c366b9b453ad65cbd92a9f7ae11624e3d38f83a0025ea1ce2bfe7d7a6a8f21aa7e3deff5b5e2e327882c0af7c9313666946e3a87ebc9fbfa01648a75e2ed196972affe4bb678e76042eb95a985c030ec89470d13a59c75d78188e9c2f5d805ce0f8db72446023c524934c095034e7fcce1adbc7ddb995d57c107f64dd21bc69a0dfee4260cd9c2ca7222563203602ee5874e25862bc296c43103534cc02883ad2aba31b03999785bd5a682301b825256c8f07154957345e1577aff4312df03c19fe27c1d11daf05ce02286040a53d7723b0beed482b53d5a6321c54326279a195c1fa0125f99225ad6386cd69edaa50102abb278b40408db9efbb71858b70978ef37f211e4b1796cf960cf81b8dedc77c5765281b3b47545894d34a3155f0de3ed8a7bcbfeaba657dbc7b3f9487233d9acf6629f4f0a670a1d86561075caf128c75438936d4f4c72b132e29279bc788de843360e8bc51e5717be3fc017f378a19f9ef87c679999325b84b02b8827c6b303c450e2d8fedfa8d66b4caa07872a12598b8531c45e17a6b98090279e3361d2cc7628ef506c9781abf4c634653adb850b38b26750fd8cd89e963b85e9ab647d2b8abffab9d794f468719f8cbed59de303f690934d766a262d3a2d26ae5fd4b04f4aa3fda1bb57da1b4a854da108e7797c7716471a568526d34f10614b633ce616a0cc7d02b2b47c435cf5a5cb1ef6cfdde7cdbf6973b054343af21c8aa7487247f6d1554753fa83425afd98c7c3b8cbf57e4163e557c2f375a1"]}, 0x1010}, {&(0x7f00000013c0)={0x44, 0x2f, 0x8, 0x70bd28, 0x25dfdbfc, "", [@generic="324ea708c3ea5096bfe99a75a5b0239ee13452c22accdffd3cf3a2f78abcf191f782b73920d73cd74b30233ffbdb0968c430d8"]}, 0x44}, {&(0x7f0000001440)={0x24, 0x35, 0x908, 0x70bd28, 0x25dfdbfc, "", [@generic="b79dd382cbc2df6837cdda6d419e4bf5952665cd"]}, 0x24}, {&(0x7f0000001480)={0x7c, 0x1c, 0x700, 0x70bd29, 0x25dfdbfe, "", [@generic="2dabcd2b2e2488004174f9e2af3470b0d66385cafd717d89aed0ed6fc7a1fd4209b01bb62a279cd18ace1067a1475005167b0e8a22c68d11271d75bec04f3b6232af5408cf337d05fc8e68e855c314e23037b0dba6c95e08ec9f36f4d6e452c41923b226143be55429b6e3ec"]}, 0x7c}], 0x4, &(0x7f0000001a00)=[@cred={0x20, 0x1, 0x2, r1, r3, r4}, @cred={0x20, 0x1, 0x2, r1, r5, r6}, @cred={0x20, 0x1, 0x2, r1, r7, r8}, @cred={0x20, 0x1, 0x2, r1, r9, r10}, @rights={0x38, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0, r0, r0]}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r1, r11, r12}], 0x108, 0x20008801}, 0x40) r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r13, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r14 = dup2(r0, r13) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000080)={0x1, 0x2, 0xffffffffffffffff, 0xfff, 0x2, 0x15ee, 0x80000000, 0x401}, &(0x7f00000000c0)={0x8001, 0x2, 0x7, 0x1, 0x1, 0x0, 0x2, 0x4}, &(0x7f0000000100)={0x8f09, 0xd50, 0x2, 0x7, 0x6, 0x7, 0x5, 0x101}, &(0x7f00000001c0)={r15, r16+30000000}, &(0x7f00000002c0)={&(0x7f0000000280)={0x1}, 0x8}) ioctl$FICLONE(r13, 0x40049409, r14) tkill(r1, 0x1000000000015) 19:01:26 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup3(r0, r0, 0x80000) ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000280)=""/205) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) sched_setattr(r2, &(0x7f0000000080)={0x30, 0x3, 0x0, 0x9, 0x9, 0x80000000, 0x8000, 0x100}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0xe0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r2, 0x1000000000015) 19:01:26 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x4000000}, 0x10}}, 0x0) 19:01:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x200001c0) 19:01:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4000) 19:01:26 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x400300, 0x2}, 0x10}}, 0x0) 19:01:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x200000003) 19:01:26 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x2}, 0x10}}, 0x0) 19:01:26 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x101100, 0x0) ioctl$EVIOCSABS20(r2, 0x401845e0, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x9c4b, 0x5, 0x1000000}) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:01:26 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x3f000000, 0x2}, 0x10}}, 0x0) 19:01:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe803) 19:01:27 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000001600)={0x0, 0x12}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) kexec_load(0x9, 0x6, &(0x7f0000001540)=[{&(0x7f0000000080)="9f360b20234a08c367107cc732f4ae51add2f2409d9b3fc1734d40f4aa09020125adbc73b9761810c11f999189eecd773644592df1d2a812a3a180d4fcd430435f14eaf7f0db29768c504f885ed7a35e28665e0e18a34f2dc938270f4296", 0x5e, 0xa61a, 0x1}, {&(0x7f0000000280)="71bd59602909912c6d8c2a699370f2608b42294474e0ac8baf4d17c4d08f1d88ebf7245d5dcba23260ded177c9911bb88df8ea4953725d0f9b78eaef2312f4d10b1515a3eb42a6950b75f762561fa1663dff068899a103652e898743923729bd1035a6c905a6cbfd9ca15eb3eeeca3a997192452103da3b5c5d1fe43df536930351d365574ae12f627ffc7ce3e41ddce3564dcb5c1f491f31cd4d39b358faa8fc19315676f6a89261fd870abbcd390aa622c5e2c549b5148893a75b54a3193b9c32cb5273ae8a1c7e32dfcfcbdc17facff10b81f2293446cd9780a980371fa22aa1f32158d1baa576bd0f2fc822cfce3b50033f66b6a328a204ba6f07c7f4aba81c87751c4c7f7204ebe11db8e14d88167f31d9eec0edbd9ba5b10a9a5e602fc70b8096c33a1d1856b7bb4ccd789b69d48322830a94ba31262ed24568e826b695d1486cfe10074134e08afb1f3e8a8a8c2a80e4636fdf588ed2f17749ab1e52869199d06d10e74129034d9824ea928618854882d75c4f2f2313fe8240cc71164c606fe5511d4e3867a5027f7eb595cb870caa7f0a2d95b9873164b04c09e82e7abdfd453b18447dddae1d54b50867134685e6a98aa6cc5b58bf01728ddb5944648ea3e2a5280b351585d522721375d00d461763b9c5f85d27e4acaf68985e0687a2aaee6230588fbcab6ed4a0731ffdee308bf6921ae3ef4602f3703784a5ef09106ad05e8ab08cdc9e2bef431702953bd82ee240d37816e385e7f31741f9dc64fde2962f71affae81ccffb22a7ae3d62cb4171d562a91adaee207041c60e78d41a75b8e8eb86346628fb65c7e9ec502a99393976bb3ce4d0665c1179a37a91a661c09374fc72a63151799abe58c12706b935e12e77d99235fa7f8a9126c321359adb2e5f918f652d103b6b2b5277f9e5cb04f51c86ee37efe653f4b0adf2b68cd856e9232496f660d6a78a2246204c0e6b2676df5b4e9756662246782794381690e286f3e756a6156e9a30615815e2c5f6c3c4f67f636782357a0327b8a67921d0ab6eae9af56acd146180837665415cd57df6fdab5f9a5cf9d5222dab1c0c172f96f2ed4abd45dccd0dbf3d609f5c11cf03301a139f392083e980825c42aec7f72a9280cafff649b355b3df2f4cb9dd707fe4cf53b87d8268c650323259c8df55fcaa4380082fd7da1de8a3018439c8e749ec6f9c0438492098033dcc85846cb21e4575f63d41d0c17404f2c72b8100d84baf6452ba0e5bf25c03f91e788832974ff92b3b802059f1374d032c8097b4581dd5c319c2b593ff55a44342191dcb2e27f31513c823287ae163333b288ee10dbcca48f28d25c9625df1254098a6eda84b8397c69c679a93fe47311abdbcbd6f13c9e3431689ca03f0eafcd26e524335dc24d234a7cb0c84a4e8b8cd843d85dc4fa59c34447c9c21d4ad9a6ba4dfff5a1ab91f32192d386a5e9a2a94be62920dd911a9a99615f4de4f9b8a86b503dab5b1a8582548b4cef5b66b94083c5fe4ef5ad468792827dae652ce4c3d25d46c785ed21527e36518f14d76c3423038095b5c8eb5277f5e22cb4a457d48f08d5a33b7a8671018e0c6650fdb1a3051c15c9b945f28fe0d10c7c8b49b56fc93908ef37e6b21045da21b2bed7eab974bdb537409255bc4466b1e7a71890301a554b22a1106b1595e38de9f652d8e3fa233b70457aebe4208a899749c6b06addccee0a19131b6bba8be7732fd0c49e667af60139969fb7168d2621a2e9f7df43be347889d735b62b83399f56f1c3d74cc541d482af8abc07c97a150895596bb740115ecb572da332ab55343ac06f3bab7b34b15c0ea045dd96f935ab0c6c1ceccd4f37484dd08f05fab849f0ea0e390698afaae8aa817bb9cdaea3908ee244a816e30905e097f6de3e54c4c76d644a17e82a9da7f5c8d74b2406efe137b11ef5e4767905e39c9726d4c2b307a87b61c95025c6d63d1cc06593964afe592376cef29c8873e152a28e446d42d7c93ca93b66110fed84dbed971e01ae17c1fa105601b31402e4cb563f42e452c63149a874b7e3c0c0670a2c5819759669292ea13b41ee5d549dd94eb83d96a1d798f22323eeda72c50f59470c9f4a0d346f62ab27e9a36a00cb4958ba1b2d3a95721cbfe9be04b655e508d2e284c32ff99b26e46929782454b300c73f3951292c3cc90bf3a550ed2a70e755768f417b134d1478c61955b86a968a0a0c5740381a1e1e17f7b7a44174e68101f8a19af757a0b8351f2bcb0d6d36ceccf86a96f9f21c1aba878173a8045ea3dc3da701710fa0141e9816ddcb4838e9e9691faaabd984e0fd041e05530a1f7e36f88621a6acc050e7b107fc80e05cbf714cb183f1b1b89aa63ccc409236ba69e5240cf3d36ebb8c0e06812e96fd0fd75a24e9ae158584f51d14d69768ddee36424c216e98f71e06d8b1495a1f3b47d90cba6480c6941bcd34bd510aa7a3472cb91fc5b922ea8c08bc5d2bdd125878209f212e5109e51f28d769dc21e3fc56888ebf6b03d55225a3361534e1a5c7c1fb9eb66f6db982d17e2008a499be9e3f982152c8d09aefdda6a7d8e2b0690046dba1e15e02714cd8eb7bf3bc1b8f4f0a4da0983279e32211fe62d62c302d19aa9dac843240f1e91b7704fa60ff4ebcf8f3d59672809f8f4b87d2fa99df3fff3102d68793dc3c327edcbf9accc83adae87ec680625456b845a1cccb54564da1daaf8330b0cf1291bafa578061b2e42b62d8793ffa55137f93fc42bc1fd54672cdb0472478d0bb40d306a4f6311fd68cc5e6227f2ad9904c37a3eb028a4f9c4c79855d160ed57640727fd029d60f305c57073e9f51af7f20b7919b275ad97e89f5e9bbfe8d0891ec263643236e3acb973466b7bd22dc69cbdf2f7fd81df023c8c8adc7d0a3bec9079cce17edf8f4a10dd1ed53b72c06d6e3b173ba61f601ee5b788d515fe969a833e101c995b35476795a8de8412c6b37e0ae84126497271c5a986207bcc56d0e553ed0e720dae28613227d7f3048613a8c0f00e12d73845301bdc0320fe79bacdb58577b784a8609afe7877865c80eef8947f7a2d9f08532d064f38a1ec09b6e75d65c99846f96ca3422dca724cba727b349f019824b6e1f1bfa2fd0e3d6f4472f9a4d84c330c7d9a416a9eeef25eadf5b55f19ebad4fc680f75ae50412ad5b2142d34a70907de5abccab07de338b58137915931d82656f08c1cc954f023426137ba5ece6868ec1038f3db0dc8f260774c78353dc5510538da6e8f8aa16c3862eec1fd43567086cd11ff0af9e93f3bb5e70d747f6048182fe9e7dda8b837f29bf1b0e5300b6c9da5358832ad17190c53353b9e5ef573c6adee99f9af16933550560985eeee867b2473e2272273bf9ac034f975e51b0180a9470fc033ef9d01e40c0b2f0886c73122939ade12fbe0828b8982ff305d29b487508b8868d668395ac875c2eb5ff47fd43c1e058bbd97a4bd80733832c5b59db074d2cf61d965bc91422b4eeb79819a2b180ed0c64363758393b76c481da36fc70ba7ed3081cb621c5e38158c6b830ed6518d3c2fb296808df8b6fa00fc5f557f356b4ee02eb34b463c31e8d9928a0a82536495084e4536c2f433fd1bed3dae5fdde83aff8598ada14a521c2c6ee52892fdc0910eb57bfc859991ac00cea60cd347975c2108beb67c2867de9e5670797587f1257df968b71252834c0d8be5ea279b1e44313a1faaf87a6c7fc1cd2f3e5de15451b7d2f3fc013086885e0cdfaa43ec20a9f8c53188a15c031063de10a38e7a3563785ff674e4957fc591fe87b58d9b20eb3efc6488b66d8a4c95e3b29f2de1de73ca94429f1a094d8727828610d96d9f25c1502ba6fafb505b590da83bb1d2f152ffa93ba048a0420c7c5efed59be8d840dfaede0f51dceb32e592a4ad1fae922052f990bbeb6355dbee7cf0b6de3b44185af04e04f664544f7f7093298aa2111372abd6dafe902c4b6a2501aa267c833578df438d665d42b8c14bb417537587d62a246f7809f63cf1d7006b4d3707ac11d2388b2d10b2ce39b507ac00c99df7154059bd3fed0d8298b6c4ac610691504516a03cc9eecdb151b47577f5231a762c0c239a96f771afa94513d36819cc71dff3230b55eac22ec9dece93acbc42f61a933801e770afd18271abf6408d7558dd1bb0529166957bb0d1fe9c2dea15cdcd025708b8bef20be94108aa5f8ec7db8e8a5dca93f6238e3b76aefeaa84bb94c19981ebebdaf37036765b8e5282c19324419daa1fac54d04b924390216835c7ea3bbf306a98d4db1b900e462bfdab37faf7bb32ea836026403ae3fbc5f2fc40cfd5f1940b85699c8715340e439e5c7172edd868671d29df17c5ecbf2cc2344c4978dc54c6211dc98ad664bb7c22fa62b858f5878cd7410bc85c5b0e429ec543dbc369b91825c7adce35155c2c3535ebd843f4a5047b1ff65b2b41cf2fb56a2759945cd7febd22cacc3ff223d7d30c5575b2a5d13be0498edb182a3b6565da5d7f946e1f90ef7c6e2e9784db66f4539f172351ee7e0fd88d6fd8e2246bc77e9bd5d7846765e4eae1883bb6e8c4c80959fe08210101322a71ccb771470741e21992607d59cbc47cabec4756584197a4658d87cb0a8d47dd03d41587fe1ccdb8240b8438128fb52c19614a1af81dbc892006e6a048e6d7232071ff43ad740ddb1f018e395b4cf4d0e84ec3c1f4d4329222022000978e07d5c4f695bd6fbf158fae711b2979b10760365b76c3c15b159a752bf756eba6a20c50ae1c7b11db2ab51ab5b1e8b172f02c1cfa444c11ed7de2dd9dcb126daf7d7a172c3ec83fe6ce46485e8419cea395a86b60812debf5ab389fa038d7e93e5b00da8c18f409764d5be37f9a221eda321c3b65dc8477736d12eb30b81f9c3043bdb524364485a403ec68df71e091dc8b9170443485432afd18c3b176134d5532963c95fdb3ac0cde3e366622a2b8f872e2d4b6e08bd960d4b2c10cb56bd2448df2468abbda0214848dbff8c589b27a3d1860757f0bc78c9125963fbbd7c9782430dcea5fe647e3328957235def5906d8e20c617aa9a23b3ce869a95e59cc5170820c5ffcc16c7890c754bb830cec7281780c3b512310f280a8b4f00ec6492505d7abc89f06e52a91dd85b1eb28c1847a7e27e1bd63a60f8661af1171e4d335d3166d57dd3f1104eabeb2b38f5f1df3181a022c604c0bdd433fb93637ec80eccd74c0304c415aae2af882177c8d9e0b5c258ab1f0d4702c71af133b7521aef51c3de597c0eac61538b0edaf997138c2f7f08ceb3a9370bad9efc4abd316e50cfb81ed9c8503b5f9952572570d4d120b77fd637b87208a801833b3e80bf3de994200beece11cf13f3a3132567ad4fcc2c0fc21de0f9640f76723a5e24ab307c252ca883957a4778f0a2cfb6dc3233cae6205b818a148aa0fed8c875f455ff08c304aafc4d3c1b1e41e567aca27b82491ce1c6f53b55403031cf654dc868d9a3350854c21c2503fddaaa4b439282155fe521f39f5e29823a1b3b2e36c52330f98a79af026246ad8b4eaa5623e4bcc31c705bb643019d11444970cc1d2b427ee25c9dd1097eacf0c216df1b0d45fb09d884c03d036f40e9c6f489f24796e68334017acd4a72c02af9ae18b65c42426939e22393729e4d2d744f8154eb9c10720b53c0e1ccbb3797a3e01224d48c5a2ba7ab566e26fc970f9603235c5aa2ff78b6e0b52897b6f9197d7dbfbb34e0a29ce10b67d669a70588f5e512561ea7516053f7f75215722943a44e3d00317c3db8f9354c30fbcbf9bcf75", 0x1000, 0x9, 0x100}, {&(0x7f0000001280)="4e54894d23f2a902fd57626e04018f4fac218596e0623036f9fcb18315a62a2eb8688791dcee19653908d74cb0facb2d8adcd10240e47010f2997a2e2f0a99dc297c562b0ad5415bab39e77ab4fc6ad0c7a6159d544fc197181ea14a121a60f28649a50bebc845dfa0996f9dd51961bafac18dca22e1bf9ba9d6a360f8cb703dd9382d4dce510fa22fecaebf3f8e910bd31136fb919dd6a9f75b67b490911469f6d6c102aac9de19dffa39d03f3b7c18bf57bd7dbb598535468f88ef75972fb0231e2359b44d4138cd02e894", 0xcc, 0x7fff, 0x9}, {&(0x7f0000001380)="1eea4e9b142785376ec80f3ed4fa5baed8fc2f0c615bea924f1433a77bd72ea9e88b14426094c07494649a1925ebbf931cf06da71a22d656ce6cbd010bfd9de0969a622df1e2ac40eb5bb6c936dd0532bcbdaea5f3b6c06fafd0ab37be39cd6cfc5ba2d4ea5270a519e6fdfdada8934ca0fc80e747abe2863969e3b3691aa04b376a322978cf2b81abc46b181f7679bba9edbdba66cfb5f589669b60c84fd379d4e9f5eaf7dbb2fad76c327f5b0ae0f1a728c29aedae08617b", 0xb9, 0x47, 0x7f}, {&(0x7f0000001440)="87fcdc5ecfe9a3dabf612219c1aae57d3a6dcec47d7d050704c317e0d6264c25e1c5af2e90b835d3cfdb8cc0ac8c3d4d9367c37d2ebcaa6c0d1a95683e307cff79a094edb35b500357412485c4f9f95d7b67de5df895027c63150b4cd714d564d1513781f0417ae9249df2f7b12a05bad5c79a5fc454e34b012843f62389b36d2eaa68704f16276bf14c17c9c7623b3b9f3c8118b3abf40a723b33cffc154bfbb392a0af4f82145dff501fb191a9ed3f1ac0b4dc6e2eba0cbce59b1b9d13fa3610868cd65c6c18f7aea66f34b9c87c4c0642a4ce485570766d2d0264e494871e7d1b428a", 0xe4, 0x9, 0x9}, {&(0x7f0000000180)="8ecbdaac17ef6cfc796bd658cc33cad884b8a6f6b572964e7c9942494519367aa2fa25512b206701c17b09733d7ab3302f22465997095c1d9f77a298304291200eb2abe790ed2b620b762fd45830e965767ae036148cd0ec961acd5923fa49048e35753131", 0x65, 0x8001}], 0x140000) 19:01:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x100000000000000}, 0x10}}, 0x0) 19:01:27 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0xffffffffffffffff, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x2ec) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000280)={{{@in=@local, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000000080)=0xe8) ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f00000000c0)={0x401, 0xf59, r1, 0x2, r4, 0x7, 0x6, 0x3f}) tkill(r1, 0x1000000000015) 19:01:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa) 19:01:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe00) 19:01:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x3}, 0x10}}, 0x0) 19:01:27 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x400000000000000}, 0x10}}, 0x0) 19:01:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x3f000000}, 0x10}}, 0x0) 19:01:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) 19:01:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x803000000000000) 19:01:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x200000000000000}, 0x10}}, 0x0) 19:01:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x4}, 0x10}}, 0x0) 19:01:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1a) 19:01:27 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) rt_sigprocmask(0x2, &(0x7f0000000080)={0xfffffffffffffffc}, &(0x7f00000000c0), 0x8) tkill(r1, 0x24) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) getsockopt$inet6_dccp_int(r3, 0x21, 0x6, &(0x7f0000000100), &(0x7f0000000180)=0x4) tkill(r1, 0x1000000000015) 19:01:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x900}, 0x10}}, 0x0) 19:01:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3a00000000000000) 19:01:27 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() read(0xffffffffffffffff, &(0x7f0000000140)=""/43, 0x2b) fcntl$getflags(r0, 0x408) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, 0xffffffffffffffff) tkill(r1, 0x1000000000015) 19:01:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x4) 19:01:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x34000}, 0x10}}, 0x0) 19:01:28 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000380)='/dev/full\x00', 0x200, 0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0x1d, &(0x7f00000003c0)=""/244, &(0x7f00000004c0)=0xf4) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x7, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) fcntl$setownex(r1, 0xf, &(0x7f0000000080)={0x3, r2}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r3) tkill(r2, 0x1000000000015) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) 19:01:28 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x100000000000000}, 0x10}}, 0x0) 19:01:28 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x900000000000000}, 0x10}}, 0x0) 19:01:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xe000000) 19:01:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1e00000000000000) 19:01:28 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x9000000}, 0x10}}, 0x0) 19:01:28 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x40030000000000}, 0x10}}, 0x0) 19:01:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff) 19:01:28 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x80000) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r2, 0x40045731, &(0x7f00000000c0)=0x5) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:01:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4000009f) 19:01:28 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = creat(&(0x7f0000000080)='./file0\x00', 0xa0) getpeername$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) r4 = msgget$private(0x0, 0x100) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f00000001c0)=0xc) getgroups(0x3, &(0x7f0000000280)=[0xffffffffffffffff, 0x0, 0x0]) stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0, 0x0}, &(0x7f00000003c0)=0xc) msgctl$IPC_SET(r4, 0x1, &(0x7f0000000400)={{0x7a5, r5, r6, r7, r8, 0x4, 0x8}, 0x9, 0x8, 0x6, 0x8, 0xd8d5, 0x6, r1, r1}) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:28 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x400300}, 0x10}}, 0x0) 19:01:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1e00) 19:01:29 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x2000000}, 0x10}}, 0x0) 19:01:29 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x9}, 0x10}}, 0x0) 19:01:29 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1d00) 19:01:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x9) 19:01:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x17) 19:01:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e) 19:01:29 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) getsockopt$inet6_tcp_buf(r3, 0x6, 0xd, &(0x7f0000000080)=""/68, &(0x7f0000000100)=0x44) tkill(r1, 0x1000000000015) 19:01:29 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0xffffff7f00000000}, 0x10}}, 0x0) 19:01:29 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) inotify_init1(0x80800) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:29 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x900}, 0x10}}, 0x0) 19:01:29 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f00000000c0)={{r4, r5+30000000}}, 0x0) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) 19:01:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x6714a5187f0000) 19:01:29 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x2000000}, 0x10}}, 0x0) 19:01:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x400101c000000000) 19:01:29 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x2}, 0x10}}, 0x0) 19:01:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1400000000000000) 19:01:29 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x9000000}, 0x10}}, 0x0) 19:01:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x900000000000000}, 0x10}}, 0x0) 19:01:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x400300}, 0x10}}, 0x0) 19:01:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) 19:01:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x17a) 19:01:32 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f00000000c0)={0x4, 0xb8, [{0xff, 0x0, 0x2}, {0x100000001, 0x0, 0x9}, {0x7, 0x0, 0x2}, {0xffffffff, 0x0, 0x7}]}) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) socket$inet6_sctp(0xa, 0x1, 0x84) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:01:32 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = semget(0x0, 0x7, 0x386) semctl$GETNCNT(r3, 0x4, 0xe, &(0x7f00000000c0)=""/32) socketpair$nbd(0x2, 0x1, 0x0, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:32 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x40030000000000}, 0x10}}, 0x0) 19:01:32 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x34000}, 0x10}}, 0x0) 19:01:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) 19:01:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0000100) 19:01:32 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0xffffff7f00000000}, 0x10}}, 0x0) 19:01:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc000000) 19:01:32 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000280)=""/236) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() lookup_dcookie(0x2, &(0x7f0000000180)=""/98, 0x62) splice(r0, &(0x7f0000000380), r1, &(0x7f00000003c0), 0x4, 0xa) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000040)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000440)) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r1, r3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x2400, 0x0) tkill(r2, 0x1000000000015) 19:01:33 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x4}, 0x10}}, 0x0) 19:01:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x17000000) 19:01:33 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0xffffff7f}, 0x10}}, 0x0) 19:01:33 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x900}, 0x10}}, 0x0) 19:01:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb00) 19:01:35 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() ptrace$setregs(0xd, r1, 0x5, &(0x7f0000000280)="5cfca6572080e8cfe06c5f9cb0fb16b6b401b19f05ac5e20afd58cad68d7e9d84bb2099819046d754a518b9e10c845cf1e3bf02e1f1345b019979ca200b6168c93f93a7a75e6dfd44e3f44acaaa7b94e73cb3d4e2ad90b66e8f5f11907a89f697ef0f820ab80bc9d6834bd759e2c7d14dcefac9ee1bae096e98b31e66336bedbac78ff8dee4cdf8d8cc7d7ece05bd6d0ee4c448b16b86b2ac2336afda8e80a4b48879ead8d1dfd37e5b57ca8507b5c3df35d3d85d4326d07fc450de67918c2ee750808ba2c4557cfdf5fa4ba5aeb91df853ff7b6d6b2ae8a9edad10f0562c7cc26331f40459620ac4b") r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x2, 0x0) connect$l2tp(r3, &(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r2, 0x1, 0x3, 0x3, 0x1, {0xa, 0x4e20, 0xfff, @mcast2, 0x100000000}}}, 0x3a) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1800) 19:01:35 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) geteuid() setsockopt$bt_l2cap_L2CAP_LM(r2, 0x6, 0x3, &(0x7f00000000c0)=0x1, 0x4) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f00000002c0)=""/43, 0xfffffccf) write$FUSE_OPEN(r2, &(0x7f0000000100)={0x20, 0x0, 0x8, {0x0, 0x1}}, 0x20) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) fchmodat(r2, &(0x7f0000000140)='./file0\x00', 0xb8291415a1c8849a) ioctl$SG_GET_VERSION_NUM(r2, 0x2282, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r3) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000180)={r2, 0x1, 0x6, r4}) tkill(r1, 0x1000000000015) 19:01:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x4000000}, 0x10}}, 0x0) 19:01:35 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0xffffff7f00000000}, 0x10}}, 0x0) 19:01:35 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x7ff, 0x40180) getsockopt$packet_int(r3, 0x107, 0x1f, &(0x7f00000000c0), &(0x7f0000000100)=0x4) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x3f00000000000000}, 0x10}}, 0x0) 19:01:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xb) 19:01:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x2000000}, 0x10}}, 0x0) 19:01:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3e00000000000000) 19:01:36 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x803, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000300)={0x2, "c005"}, 0x3) r4 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhci\x00', 0x0, 0x0) write$P9_RVERSION(r4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff0600008008003950323030302e7518a767dc8e9c2317a0e645817163122689780a52ae0570efae0de8a0f16df601233e788404f90efef62ae152fe40350ef881ef516513dbe2c236b8a6e1ad96e9940f085664b13b7ff225cd2b5c37998c4481a9549e592f3238645603380fbdcb52ce7c3a116c"], 0x15) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x90002, 0x0) r6 = perf_event_open$cgroup(&(0x7f0000000080)={0x2, 0x70, 0x5, 0x3, 0xf8c4, 0x7044, 0x0, 0x7, 0x0, 0x4, 0x401, 0x10000, 0x3, 0x8000, 0x1, 0x4, 0x1, 0x10001, 0x200, 0x1, 0x9, 0x400, 0x9, 0x1, 0xff, 0x101, 0x4d, 0xac, 0x607, 0x7, 0x3, 0x8, 0x3, 0x40, 0x4, 0x6, 0x1, 0x4d3235ae, 0x0, 0x80000001, 0x2, @perf_config_ext={0x1000000, 0x3}, 0x4000, 0x7, 0x9, 0x0, 0x80, 0x101, 0x4}, r5, 0x5, r0, 0xd) mkdirat(r4, &(0x7f00000002c0)='./file0\x00', 0x80) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000400)=""/77) timer_settime(r7, 0x800001, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f00000003c0)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:01:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x1000000}, 0x10}}, 0x0) 19:01:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x900000000000000) 19:01:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x40030000000000}, 0x10}}, 0x0) 19:01:36 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000540)='/dev/zero\x00', 0x101000, 0x0) r1 = perf_event_open(&(0x7f0000000200)={0x3, 0xfffffffffffffe7e, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e797d8371407c39, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, r0, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/checkreqprot\x00', 0xc0100, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000280)=0xc) sendmsg$nl_route(r4, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000400)={&(0x7f00000002c0)=@ipmr_newroute={0x128, 0x18, 0x4, 0x70bd26, 0x25dfdbfe, {0x80, 0x14, 0x94, 0x9, 0x0, 0x7, 0xff, 0xf, 0x800}, [@RTA_DST={0x8, 0x1, @rand_addr=0x2dee}, @RTA_METRICS={0xec, 0x8, "33ac14cefe84101fb422255f0978d5b47ecacdbffddbcd92cc07c3b1a53da631a5f9d78359dfbdde6160591ecb7953e31ff490083a44a94ebec6ed695a2f49f62351729d7da0a34b9dac55510fffd725d1d5e7bfe68c84d2493411437f82a5622d73b2cd287f3e2b7f89f61b7c41fd8c30e461614225643ff5cec6307ce1db6198a0a22d35cb606628d989a0b05b392ee3aa15153b51961f957bf2e0289d9c39559fb28c8fa51d21e667de2d1c8b2c2b08434bc498a04919a652e0544f46ea5b629fba1caa56521d1dc54dd0b77844d7bd83ee7a1c94360f287f2101481ed8beed3993ad97fda08a"}, @RTA_UID={0x8, 0x19, r5}, @RTA_SRC={0x8, 0x2, @multicast1}, @RTA_PRIORITY={0x8, 0x6, 0x7f}]}, 0x128}, 0x1, 0x0, 0x0, 0x48880}, 0x24000041) socketpair(0x5, 0xf, 0x2, &(0x7f0000000080)={0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f00000004c0)={0x10000, 0xffffffff, 0x3, {r7, r8+30000000}, 0x2, 0x7}) ioctl$BLKDISCARD(r6, 0x1277, &(0x7f00000000c0)=0xffffffffffffffff) dup2(r1, r3) tkill(r2, 0x1000000000015) 19:01:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8004000000000000) 19:01:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x3f00}, 0x10}}, 0x0) 19:01:36 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp6\x00') r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x10020a01, 0x0) sendfile(r1, r0, &(0x7f0000000000), 0x7ffffffe) r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r2, r4) tkill(r3, 0x1000000000015) 19:01:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1a00000000000000) 19:01:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x4000000}, 0x10}}, 0x0) [ 509.454133] audit: type=1404 audit(1537556496.596:57): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 509.517736] audit: type=1400 audit(1537556496.636:58): avc: denied { map } for pid=20253 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x9}, 0x10}}, 0x0) 19:01:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x18) 19:01:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x9000000}, 0x10}}, 0x0) 19:01:36 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x2000, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f00000000c0)) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:01:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc000000000000) [ 509.725718] audit: type=1400 audit(1537556496.816:59): avc: denied { map } for pid=20259 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 509.764064] audit: type=1400 audit(1537556496.856:60): avc: denied { map } for pid=20261 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 509.787093] audit: type=1400 audit(1537556496.866:61): avc: denied { map } for pid=20260 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 509.812168] audit: type=1400 audit(1537556496.866:62): avc: denied { map } for pid=20264 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 509.839428] audit: type=1400 audit(1537556496.936:63): avc: denied { map } for pid=20270 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:37 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x20000, 0x0) ioctl$sock_inet6_tcp_SIOCATMARK(r2, 0x8905, &(0x7f00000000c0)) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) [ 510.012630] audit: type=1400 audit(1537556497.126:64): avc: denied { map } for pid=20282 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 510.042606] audit: type=1400 audit(1537556497.136:65): avc: denied { map } for pid=20283 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 510.065295] audit: type=1400 audit(1537556497.136:66): avc: denied { map } for pid=20284 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:38 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x0, 0x0) fcntl$getown(r2, 0x9) ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000000280)={0x0, 0x0, 0x2080}) read(r2, &(0x7f0000000140)=""/43, 0x2b) fdatasync(r0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x7, 0x1}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000180)={r4, 0xc6}, &(0x7f00000001c0)=0x8) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:38 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x400000000000000}, 0x10}}, 0x0) 19:01:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x400300}, 0x10}}, 0x0) 19:01:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x700) 19:01:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x17b) 19:01:38 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xfffffdfd) 19:01:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0xffffff7f}, 0x10}}, 0x0) 19:01:38 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = dup(r0) sendmsg$nl_route(r3, &(0x7f0000000400)={&(0x7f0000000180), 0xc, &(0x7f00000001c0)={&(0x7f0000000380)=@mpls_getroute={0x70, 0x1a, 0x320, 0x70bd2a, 0x25dfdbfb, {0x1c, 0x20, 0x94, 0x1, 0xff, 0x1, 0xff, 0x5, 0x400}, [@RTA_DST={0x1c, 0x1, [{0xfffffffffffeffff, 0x7ff, 0xff}, {0x3, 0x1, 0x2, 0x80000001}, {0x4, 0x80000000, 0x3, 0x1}, {0x8, 0x7, 0x4b18}, {0x8001, 0x8, 0xffffffffffffff00, 0x5}, {0x7, 0x9, 0x5, 0x200}]}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x1}, @RTA_DST={0x18, 0x1, [{0x7, 0x0, 0x6, 0x1}, {0x1, 0xff, 0x8, 0x1}, {0x80000000, 0x8, 0x7fffffff, 0x4}, {0x9, 0x4, 0x0, 0x8}, {0xd6, 0x8, 0x7, 0xa7}]}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x1000000000000}, @RTA_DST={0x8, 0x1, [{0xfffffffffffffffd, 0x3, 0x3, 0x4}]}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x6}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040000}, 0x10) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r2) tkill(r1, 0x1000000000015) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x7}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f0000000280)=ANY=[@ANYRES32=r5, @ANYBLOB="c6000000ea3592f0b2fb4f83304a6b638689af94f506365346cae33565b4167a11612dc4740037459ac928216000dd73fd061037c6153ee8f02ead6b2274ce23c430401b144211f44ffe81b3a1e79d0bbbf209e900f7ec5e54ebdebe1988ed0664d4a33af229f15a9a351d9348dc8022700dcecfcbbb1dca0b55163f626c436e70b8712c6b754ca271a26d1d46fd7dc2ccb30b6e0ab28bf76c4e4e7350d46e49c8d4341e7e1bc301ffffffffffffffe7d58970519483bd96f31e2c3e1831cc699fe1d98bcc1a23a5f16c"], &(0x7f0000000100)=0xce) 19:01:38 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x200000000000000}, 0x10}}, 0x0) 19:01:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0000083) 19:01:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x1000000}, 0x10}}, 0x0) 19:01:38 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xa00000000000000) 19:01:38 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000000)={0x0, 0x7530}, 0x10) read(r1, &(0x7f00000001c0)=""/170, 0xaa) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) fallocate(r3, 0x1, 0x9, 0x7fff) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r3) ioctl$VT_DISALLOCATE(r4, 0x5608) tkill(r2, 0x1000000000015) 19:01:38 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x34000}, 0x10}}, 0x0) 19:01:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) 19:01:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x34000}, 0x10}}, 0x0) 19:01:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xc000000) 19:01:38 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x10}}, 0x0) 19:01:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x100000000000000}, 0x10}}, 0x0) 19:01:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8010040) 19:01:39 executing program 1: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6, 0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000001280)='/selinux/checkreqprot\x00', 0x14000, 0x0) setsockopt$RDS_GET_MR(r2, 0x114, 0x2, &(0x7f0000001380)={{&(0x7f00000012c0)=""/120, 0x78}, &(0x7f0000001340), 0x18}, 0x20) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = dup2(r0, r3) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000080)='dummy0\x00') write$UHID_INPUT(r4, &(0x7f0000000180)={0x8, "71fa0dc07f897fead2ab9ce2e549671fe1e9bd665fe9f01909ceb366f0e2c56b8e6f57839b4450dcf1055fe501bdac530da92b3c44fca3cae681514598b0f489b954852542a8343efaef349e8b16a28176fdabe792b8dfdf03f395d9b83ae92734162f009cd27e54bf6270dbd596fcc1843207918971a9bacc551a70dd9f9bc2fcf134ffe9ec15a1473ac7ec71d549fbfa65bc6a038b585fa8d64ecb7be42e2dfcbc645acbce8279fd741aa298694b3d397b87ea722ad970a1b739256da2dc44c17ed9e5bd8a880490d9946d008f5f9d78d26e375e1596608b2a90261d0f2ec34601ce72e7bff1219c5139a02510519fc2429d857a5d18918ce15e2a27d5e836c7c0586b988ef1d1d67404dec74bf35ed53afd8eb811e92be44e14d543631aef47651d968c23109b2db52f767ab651193305cdcaa03af15ce4c813b4c374da214682709ae7242aa34f99aaaa312456e4416494ac38690c6f216ba912905e551a9c6f3f4eda2efee2e05e756dfb98d0ec31683f237c0a7abae06f45b06c666118e16c9b0e458c705582a29c36e1a9c2fc2af4f6c4035a7d65f30b391173cea6553a4f4a6a47535e16e39044024d6fafa04ff5f7b99a7ebda684941b65a3e1076f8a6d63d36b9eac88681b7f91ada144c67e1bee282da56279e93a7d80b7f1c340cc7d31ff609c98e35f9b1b770cb22b0396098d49ef1403ccbb611fa1b09c0e34799d9bc8bd52b41e8eee3c11ebd599cffff332c20e9ea09f1852a9cff123ddac042fb16a3125726e9c0e0b991fe6e3e0c76d6b041199844401336b793986691ec1e65aea5845c5a4cdc1415bfccbd950306e15c9516e857b14e21aa2cddacec8df4f241436b754de1abe4e8e5cf77d360459d69e37ca4708b193c4654fc0045e5b88ecda67cce66bc03f54466e19ba6fc20ca8e00be95757d7d4e735e7d6327c50b01a396c3798785528a9c42716501d53e636dd22273261097869fc3c3797e3b67ff6938b18d37c09f470f1fba0a28ca291ffed45155878de838b5c31486440b8b21bd7154346a9b3b026ee5600ecbda689e7358ab9fb41baae67975b3be028c0fa645917728d0041d604b80afbd947af00870df297c256d6c714a9b3c81a5b4dd9d8ef4c97a33178acc0a95f51c1567f72660f80c886fd982c3428a84eaa29e296e053c303bb21963bd4918a8a252b605f6cd44871d652862beb6930e501a01188daad5843405bef18c1e1eec138a303dcdddd251fe2382d2e9391f276e7c49c21f063c2486574bde00a3f1ca0da376329538c145829cb33d3f418bb483a00f232a79005368da7f0827e195a3eba73e0e55d52a278a7bae4fe3a3a237c30ec8d9335110b210a12bf7ee565940c24c84cf6a2729d06d2b3ec4ea5dc575db983f83da04479b56bdb1a7ab96c06f4448e35ae761e3293a93ab5ecc19abcfc56270cf0f32f88e8cfded1ffb0b4070bdb301eb7b4fed8d51812955d3ba899126a63b413d4f2ab9e1f2b715659c14af78e98763c010695af108c6bf52d779a23918ed3b072c7ac18abe699b4a341dbd45240336fdfd067c7cf7683b5dc842d98bf9ec8fb272927fc906540c23cd63fcab50193444ae84cf8e259ae98e8b205cc6d3dd3b4470f02978e7e4739c7b378d556af32072601fd478d66a8295943c685bf9c1ebe14abd2dafdf68c752ff1e394996a6f07fcf8ff8ab1a1890b244cf328069ac305f99309f757c178338c9731a0b3354563326cdb5229bba684e43426986b7f5039d00a3f847193f2419513f612cc7b90a11dab2ed00d42af02b0a1423870953e4fe7e256cb0bfe625fb1e9b00c1aaa0d43cd1657bb4ad9573bfbecec9eef92af154b4016ab512107054e37483c9e0df5b40019070317fdaefcb38a09ae37474a92131649db59c33c92e3837887e03817bbe5fd80a8596694004cff7cbcfc123b97c9f742f5c7114d876ee78007e06e9f4f081ac0ea52662d546bef9f592503da6b349780ef295a066e414803c622ecb03ac4c7d7899526ab7b62700122ff3846135aea04b86923a17cbae3ceebb11ffb8b935c1ca92d832277df5fd7e535aaf349b4543c3fe5a0ba4bed130e2ccc0976a0e21fb3eb3085f00cc47e0d19654f5736c6f4b541c7e79bb1c401d500d0cfa9a4c6e562694fa566e659505b3012beae373122e1bb77fdc52e1b0adffdac507b9ba18a5bfd85f0fc9d99d466e1f8a73d4355d93862cd0a583ca190f910663c885287e946e95f3e70ace2a69402bf964a95f879cf72de32786868b97e4e3c6df5c1b046a9f2150eb0fe2ca080ceaeed280beb6ee650872b6544b5530a57ec1acaef96a1cc5b085d6e883008f9eb6b95817342b4b8e015c3bc8615b6e72ef19c3fdc72c947907b955033e6dc6b9554f69d220171e0836f2fda4fbc3d44536232a826e4c2b1d42eecd97e01e87c8d8a791b23b4bb58ad0e6d455e4e1e2a8ce6c8ee3e32014d1e989339a3fef2df7b6a9fbebeafe5b6416a77beb8c03d5464c897567d37c33c43a86f10f5f58a87959cef8dbd4f98c06060db1b96d83ce5f59b82c6aa3030ac935d0109ea7a0f33e6977055742eaa81b3bffe238834cb7519163e0b70b0312b621d748f3d71c7296490b775595cc76eb87c517f05bfd8b8617d50386841274adcb58e342909abf2efe47bbcdda30711b5f1786d61e7ddac9a79bc31f62243293029de676131a1f1f9e99b2f1530ac4d1e7d0f62bdbf794498f86049828c4ab8cfdec3bf6f111f641f753c2e53f3bba4a054b82733b75e634ccd6cb2831f82193ae9032f264e39f940669eca721d27b879e57b74486682ef5cfc29c9243d75a5aa133bc1b14eed774f90c13422d5b2f076799f027bec02b802681ada8386866e4c6715f32128c15f539d0eabb1673c7ba5664aeccbd9c37638b4977a211a6c42ede38253faf6af221a9f8ecb7bff6c709233184df6fd883c00ef0e103893e296b238af0be80742e4da696d75d2646572f349b825533e46c7fa34395b3c3fbf31bd5de338d9561b09cb202c886a8a23e2c2da7abc4f33e8a99e3f5f175d67ff0496a5ed1507364ebfa541b7ff86d05ba5f63a821a08f12ab1583572edb7ff7796ac5cedbb4564547b042f42f642fc5cbd9702572b28288f6ea18c6bfddf999caebaae04b754d3372d123af6789ef105d3a1654e48e5795990e55b308e6013e982c0d65404a4505f6d5af17e9c0cd8f656bb6dd0c2d767361b69ebd09da6ec1c426c0ccad3e85758980df9063cdcf46609de7b4165b05e6c15c28646358f731811aa9240c9eeb3555100b2d0bb2edc7219505b29e0a218203c08e38eccfe7c4c8b09256dbb4ce8dc04a6a0adccc01e4a230029f767cb255ca7ad72bfebac95a1a81b625aae1addc5db64e9c1f7abd4ff1f9199797911163c10a44de6d7b89a37b640c4e364375f67ce400e95d44507e9b2c395c9764ad2ab68d5e44d27afb7fbbdc26bcabf8ccf1b8f410fabcb4a7f6d2f12fedcf37b1e1cb5f95467ab386947387225368035d31b7f531d4848a1e6ab52a0331c669f3180d2a6ce6ced9be11a36fd7fccaf7a866b527a818b45be0d600800cf3911c31e94f865bb3a00295691c6357e2d40d3f7cc5591a61924906291bd962533fd8a47baa4667aab895c5e0ea0f3e2ab68b4e958ad7c6151b852b62b91f72607882f70a3b14e297cf4f8a4821d2d8c1ddb2f8f906fccc918b1a2b06cc305a828e8a74ea1de6dc07a3153478d978b161d18908d85af44bc1d7152e911470f654e2587de54fe90fc63e3111716ed0313ed7370c03856b0321961d6250bc9ea5812d961c09b67be4f1fcd68289d9beb73a0b27e8db785d143591f8b152aef077b901dfdd29715c37b6ae70a09b02a8df637b54a9727e8d525dcd1355c4c0912ede286b41d7db9beb334a6b0a0eb42f88d48249cedf026145ecef3bdf68711717f9ad4a1a537c388ed6f434535a30d65ee8b7e7618999927a8b17cfd851428c88caa556963666de2fca3f9be2d114c6b9bdc87d1c275cddf5cf34a7b6232af06422a90e10d7a3d09acefb1cb3c39eb674b2aacd88fddfea3cdc688cdeffb3d8bfe4ef54265abfa5b9d67bf9dbff3d9d0cf7b113fffe6afd774fd5625b9516b12cd7bcd77fda248368bf1ace46afabcd94f2e3dd9dc3054b060b792c0843167482df48f8b90fc403a3fff17dd23b014ef57145ec23ec542086c1cdfecb34b9ec5e3da6bd7da3465f7912e06b52dbe45516129abfbc3aefbfe857215bc0a2942c4067048cc86a8cb36bbfc956c6d138ccef65219e51becbdc854877aae9953aed7c10393f74855c60b61857eabb9b44a7c3b3e26a4bc3479d234b8b9c3b265b50b41e1079c92cd92ee8e53eae644be874dfe0ddf2984e2b98a2a4444df697fb17f88017bb952941c9c4c4a8f2b95992f2fd2f1a4164d60f4bf95f2aebe2c4439bba15deeca6d8743b9decdf0df5eb530bcb83e22ec0ebb3da075c1f7222f7c8aff03cd0558faa44c2a83fd5ab5345a444dbe352fb7cfab1ea98743446310fcf2e2e0d75dad7c8e7e7e2c55b03642a15ff46508231f1cffc90a53f0a1c84ae7b6bc173fbbac641d3202829d6f27794ad7b4e3fc6bf95d8a7922150281f0c774ceaba087b08a4fc13ff76169842dd3f82d55b179e00804dd58fe4f1dd3ba7736fde5e0d0b4d98183ab0de822f0a24c353e2178738220aecd260a65801194d6a8bbc60d593cf93bd2f8f43c1bc3c274ddf2ac42f72c9ec37aa2b8cb608946324dd1752f85c1fda63ea16cbed1f4e5caab783fc7ac9e69aa79a87a6a400785b3a60aafc9a7934a4e10e9e12ed937e46139aa27461fd3066306aeec6b5aca76f4867dbd670ea785537c9d39446e8025337be725db8b9ec8cdc784a91dcd78bce7e36086784e173d310db4cb98390f809cfb643d0d8cafed8b7b314b44b5229f32802c5d425a4a89ca165b6671128e60bb24b78538287fbb9313f5a6ffd8c32978e45da430b073689ca5c00413c1e7ebeb834e1dd9dd618dbaa371a0aff42a085e3a415a4940057005451898fd67fbf76b8c2555f93e93f29ec38b1729c70ea3eeeafb22fce44b5c5414c5b8386b363e531bfa1df0b95400a837d17e6752d8ceecb6a1f91c8ac3b2468fb15eb560cdf759be1cc8c7496addea6406f5f4397f8e3879833a425ba3e6be70850affe9ebc03afe2346eef04c507ec8e31d9ae79ce9491745eb094dbc66d3f6f43d4055410e347bd47ccb47372c670c07c87e884de9a5e5fa70275745f15cea63d0f3acf90e55171233781d65649d26cc4abd47f73bc5d5b6059bfb561d74ce340f1935958054633ce59c6447594407b7d0286934bedc4623bb523e817a60e03d78a45a8ef783bc321bd960674313ba4e48475725f7e8dd662ef5378bdd1b39219ef55f2b6ca9be2ea6636d5f2170ce4f6b889e3045df21483d95b5ebf710d1c60eb598ef87eec59fde1e67dda9e6cd36dabab95cfdb221c69aa5a143a3c1e82e33e8eb7fabc6190b5372fd93c8909f8d007c891b452d57a4fd987b22ec619671ee17e4dbccc4779bfbaec47b52b4e57bea8a107ec169f5c4309f2bea872277bc20395eaa11c73cc487e335eb80e176afbf9dc99c735c06f003018c44de6a0879c699736e17951d24c21dc6c0ef6b0564ce10fb32acb560c7dcdb0b67b3758608fa24f42b59756ffdfd256f02ba2323baa06ae4ab8a06d221a3f343ea9ad6e141fb3fa88e6839c46cfe47f1064f41e48a5a461d1676dbe443aa69f19d9950c886e78156d8c1f34c1a73bba52416594d85665417", 0x1000}, 0x1006) tkill(r1, 0x1000000000015) 19:01:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 19:01:39 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x18880, 0x0) ioctl$VT_GETMODE(r1, 0x5601, &(0x7f00000000c0)) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r2, 0x1000000000015) 19:01:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x9}, 0x10}}, 0x0) 19:01:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x4000000}, 0x10}}, 0x0) 19:01:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x840000c000000000) 19:01:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) ptrace$peek(0x3, r1, &(0x7f0000000080)) 19:01:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1d000000) 19:01:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x30001c000000000) 19:01:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1500) 19:01:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f00000000c0)={'raw\x00'}, &(0x7f0000000180)=0x54) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x9}, 0x10}}, 0x0) 19:01:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x400000000000000}, 0x10}}, 0x0) 19:01:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x600) 19:01:39 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x4000, 0x0) recvfrom$inet(r2, &(0x7f0000000180)=""/9, 0x9, 0x2000, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr=0xffffffffffff8001}, 0x10) r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x2, 0x80000) recvfrom$inet(r3, &(0x7f0000000280)=""/4096, 0x1000, 0x0, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r4) tkill(r1, 0x1000000000015) 19:01:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x3f000000}, 0x10}}, 0x0) 19:01:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x9f00004000000000) 19:01:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) r3 = dup(r0) r4 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x6, 0x400000) ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f00000000c0)=r4) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) fcntl$dupfd(r2, 0x406, r2) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x900000000000000}, 0x10}}, 0x0) 19:01:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x11) 19:01:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x200000000000000}, 0x10}}, 0x0) 19:01:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000) 19:01:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0xffffff7f}, 0x10}}, 0x0) 19:01:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1c) 19:01:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x8) 19:01:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x100000000000000}, 0x10}}, 0x0) 19:01:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x10}}, 0x0) 19:01:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3600) 19:01:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1200000000000000) 19:01:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', r0}, 0x10) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f0000000100)=""/43, 0xfb) r3 = syz_open_dev$mouse(&(0x7f00000002c0)='/dev/input/mouse#\x00', 0xffffffffffffff80, 0x1) mkdirat(r3, &(0x7f0000000300)='./file0\x00', 0x80) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x7fff, 0x0) r5 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x9, 0x0) linkat(r4, &(0x7f0000000180)='./file0/file0\x00', r5, &(0x7f0000000280)='./file0\x00', 0x400) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:40 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f0000000180)=""/43, 0x2b) prctl$void(0x1f) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x8000, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x3e0c, 0x8000) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x3, r4, 0x42ddb20e62644fad}) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x9000000}, 0x10}}, 0x0) 19:01:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) 19:01:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0000102) 19:01:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0) 19:01:40 executing program 1: r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x19b481) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000000c0)=0x1014000, 0x4) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r1, r3) tkill(r2, 0x1000000000015) 19:01:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0) 19:01:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x10) 19:01:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x100000000000000}, 0x10}}, 0x0) 19:01:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x40000) 19:01:41 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x400000000000000}, 0x10}}, 0x0) 19:01:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x14) 19:01:41 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) ptrace$getenv(0x4201, r1, 0x80a, &(0x7f0000000080)) 19:01:41 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) accept4$nfc_llcp(r3, &(0x7f0000000080), &(0x7f0000000100)=0x60, 0x80000) 19:01:41 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x900000000000000}, 0x10}}, 0x0) 19:01:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x170101c000000000) 19:01:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xc) 19:01:41 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x900}, 0x10}}, 0x0) 19:01:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xd00000000000000) 19:01:41 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x34000}, 0x10}}, 0x0) 19:01:41 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x200000000000000}, 0x10}}, 0x0) 19:01:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x14000000) 19:01:41 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) [ 514.526763] kauditd_printk_skb: 73 callbacks suppressed [ 514.526778] audit: type=1400 audit(1537556501.666:140): avc: denied { map } for pid=20630 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 514.653045] audit: type=1400 audit(1537556501.796:141): avc: denied { map } for pid=20637 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 514.692220] audit: type=1400 audit(1537556501.836:142): avc: denied { map } for pid=20639 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 514.733847] audit: type=1400 audit(1537556501.866:143): avc: denied { map } for pid=20638 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:41 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r3, r2, 0x6, 0x3}, 0x10) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:41 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x400000000000000}, 0x10}}, 0x0) 19:01:41 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffff7f00000000}, 0x10}}, 0x0) 19:01:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e00) 19:01:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x1300) [ 514.781781] audit: type=1400 audit(1537556501.926:144): avc: denied { map } for pid=20643 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 514.851273] audit: type=1400 audit(1537556501.996:145): avc: denied { map } for pid=20654 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:42 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x400300}, 0x10}}, 0x0) 19:01:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0xe) 19:01:42 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9000000}, 0x10}}, 0x0) [ 514.997980] audit: type=1400 audit(1537556502.136:146): avc: denied { map } for pid=20660 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4001) [ 515.086592] audit: type=1400 audit(1537556502.226:147): avc: denied { map } for pid=20664 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 515.129049] audit: type=1400 audit(1537556502.266:148): avc: denied { map } for pid=20668 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 515.153111] audit: type=1400 audit(1537556502.266:149): avc: denied { map } for pid=20665 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f00000002c0)=""/217) open_by_handle_at(r0, &(0x7f00000003c0)={0x6b, 0x2, "b6d069b96980fc8f8591dea3538ea43d36e55fb5cd44afcf5f525fb7747750a630d853f0cfcaf34118ae31c3e905548b68449fdb0fd5e858e0004fbb485cfa457706db0680b671e263e6f883d024d839f14b31e191dd78a25ab9faed26382026fb9893"}, 0x47d347a45b2f62a2) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="22f71d068000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x135000, 0x0) ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000100)={0x1, 0x84, 0x2}) ioctl$KDGETMODE(r5, 0x4b3b, &(0x7f0000000080)) 19:01:44 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x400300}, 0x10}}, 0x0) 19:01:44 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x2000000}, 0x10}}, 0x0) 19:01:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x900d) 19:01:44 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) ptrace(0x18, r1) tkill(r1, 0x1000000000015) 19:01:44 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) setsockopt$netlink_NETLINK_RX_RING(r3, 0x10e, 0x6, &(0x7f0000000080)={0x9, 0x200, 0x0, 0x7}, 0x10) tkill(r1, 0x1000000000015) 19:01:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)={0x0, 0x8, [@remote, @empty, @link_local, @broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @dev={[], 0x11}, @broadcast]}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:01:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xe) 19:01:44 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x1000000}, 0x10}}, 0x0) 19:01:44 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2000000}, 0x10}}, 0x0) 19:01:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:44 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) ioctl$DRM_IOCTL_AGP_ALLOC(r3, 0xc0206434, &(0x7f0000000080)={0x7, 0x0, 0x2, 0x5df}) ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f00000000c0)={r4, 0xb6a2}) tkill(r1, 0x1000000000015) 19:01:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3a000000) 19:01:45 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:45 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x3f00}, 0x10}}, 0x0) 19:01:45 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1000000}, 0x10}}, 0x0) 19:01:45 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f00000000c0)=""/43, 0x2b) timer_create(0x2, &(0x7f0000000000)={0x0, 0x800012, 0x1, @thr={&(0x7f0000000280)="223f2f7c686c63e9d7", &(0x7f00000002c0)="27bc06c016af2d21359f135ced5532375bd270aaddad999b87a18985e6d4ee4f35e134d49a4202424367f01eb1af5090acfcef2e06d48bc4b17b5967da6bacc4b03a02817a1fcdff92a25ba11e252a74acab07ca006d951558d7dcc792b0e8adeeca8750a7a32f89aded54e04cc1b588e47f4add5892332892c91a22608a84844fe24a0858bfef192dcb2d675dc06b40a500bff0fc7fee5b79ada9ce8e30c137de9e29218e0da562f4273637dfc524f72cc2283f9a38c90ffff27d5c6b1d470e1ce93ecf51e235bb2f8aa941c7f16a9c"}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x4000000000a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = memfd_create(&(0x7f0000000080)='\x00', 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x7) 19:01:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={&(0x7f00000001c0), 0xc, &(0x7f0000000400)={&(0x7f0000000340)=@ipv6_deladdr={0x7c, 0x15, 0x1, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, [], 0x16}}, @IFA_ADDRESS={0x14, 0x1, @local}, @IFA_CACHEINFO={0x14, 0x6, {0x6, 0x4, 0x6, 0x6}}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0x3f, 0x7fffffff, 0xa3f}}, @IFA_CACHEINFO={0x14, 0x6, {0x7, 0x800, 0x4, 0x5}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x10) 19:01:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xf3ffffff00000000) 19:01:45 executing program 1: chdir(&(0x7f0000000240)='./file0\x00') symlink(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00') link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file1\x00') 19:01:45 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x40030000000000}, 0x10}}, 0x0) 19:01:45 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200000000000000}, 0x10}}, 0x0) 19:01:45 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000099e000)={0x2, 0x4e20, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739ddb, 0x0, 0x0, 0xffffffffffffff39) 19:01:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x800, 0x0) write$P9_RVERSION(r3, &(0x7f0000000100)={0x13, 0x65, 0xffff, 0x4, 0x3, "395032ff18e434b20942b2217a356a632c01303030"}, 0x390) ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000001300)) r4 = dup(r1) write$UHID_INPUT(r4, &(0x7f00000002c0)={0x8, "4d6a967fb9c667ac135c76f35c8f42fdb4aa4a2ce1229b67d19c0c0f528f0163ad03e5e06d5c7165f8a640f6828855643e9905eef7b1406740ee1506b57e9e1de3c1f9f1680a42b2a3272774c5ff84ed027e7a9b5d0aadfae1e494715dff2495ae309884e5995e1a4a955b948d96d7e67f7c4326056d8aa524b4b69e3fa0ccbcb5d32d099c0ac409a9c6454be0737ed877b92a4304cdf3c15434bd204cb9dcad7c62906e1078b942a1cbe4b522ea6d30cd46a47870ac8cb8744b98c7843ec19bcec893910ec8f77b4b4113dd4c645985f2776e193528910249ca3ac6e770a82984866b6e351175a134120f2a7dfdf1309a9b58663b82f982be3edbc93cd5fbcd2e7cd7f9d66b56b6de7a05f1f50fd94224d2e2632d2ec25ba7588b434e8b3b6dc17de7525769e3c21a39633222afe90f32efe491c9ee7e90ee194af02177393d0c650abd2c0cee4685ab6eef9e16271ff45c7919d7fb8aa15ed8278011440ad24f0059b24421287cb9e851f335c0b5f4fe67991981751eeff9ede9e938caccbc45344a87d6d4ccdc04db292eefe6d1a510a6a2f7fcde22733a6daf4b9f6cdbc27752c8002c5caef311107c1a1a9231e38982e346e0f2db9f3a249b088e5bdcb961afd781f1130645b36172d1e7aa3a5a2e42fb7836e7c513b566b7da3b2c0fb2da5adb439322a9730aa16bef1518dfe692dda3331146691cc67e567a3692ab0761a3d222aa9e0bb74f4722f8df61692bcf7c8e114f6a1e266c731d6972aaf8677781b98dd87fe76d3790a4ee648fb96d288912ed5dff7b04150aaca13397c7d96f94bbacf12addc6b04757c9ec03c82ee8f1449d7faca081c6f4f34a86683c75898adc32df3ea79efed4cc840f5442bf7c9a2c3bd5df89fa18c5f7a383372362f7e4480775f2da179539e36c728e2f0b554b234138163c0dca1ae1deac8e04b46709980a023f91c69a62e1744a245ade41f1ed260ad9568fd8a582d9193e27e0132107c8e03e0d253595b8299e65415b36a5d6ddef7bb82afa6900b272b366f02d5b4b9882fbf06fd9fbb2984eb904866b059edf1186e4fea7c8c1b7a8f2c55c49224cb4acca880be8aa347864a4c3794e061c43ce37577f03e80fa636a1fc37f3620e9cd946e56a677f5069cdcb2feadee69aefb56a81303772578c5f0db83df493f847fed3a1af1625342a9f24c86174c7faf62feaac9c058c11939ee7d1f7aac0eb1a09d6637efbcbe6e95a5faa61486ced0961a1994ef789181a104ac1033d64ed84a4b8a2a3347bf819536d475652db7612f5f482c931e02a05e3abcb3b705f08504e275dc2b8380980f5d4adf811e02370058de0ef9ec2e2f3b955f6aade9aa43247335510772999b89acf322647ad3a883eff2d06131f7ff1f46b228790812cacb1bc58bd062398ef9843597696d0534876a56e2bdc884651052a7c7cd93405cb3bbf7af50f24e2dc49dad54edf2c692ca7886ac32f83b2c2d4415d242826880d56d47d0ae075b9f65070fb2a79efdb44849f5a9bd11e5a8b96dd7d0a45ba292d115edd8cd2a2616da43ff44b1b97c70a8d68f0672d6d9f6abd4b2c2a0547e9a5953aa2fce42785f0f50713a07338d13a8527fccff11934589352c722e201f9c689480fd1df9b787daac9b8ea8d4f514a831fbcb8ade01d2bb11a46b6ea0d87673cd3ba331088aa1708acd9b42db5fc88fceea823b6ac838fe9314a3682ed1303afad2bdec36a47f147fb1573440bd57912d02d6ed66fcd1cefbd312a0a90b5b07b1816c340f68bf180247677d2b4c265c3eec922d7e802447e9cf8c0802fda5587076b088dbefd91765f08bd6ec75a0fa5924e529b91fefc1a71bae870e6f5496ab4aea059e8ad5128159d94cafe0378890fff7774e1272caab7602986c4875d3f740e349683b7a9459b64e90fe39a3bb4f55d8554935a0a5f699b3e6e674b74d51673d81161e5040f80c47a31218bb7ddecb9a5e4f3cdbb91f13f060282d4ab816b92634f42830223c33da6087df0ae310b7946433627d88a6207ac7d8597501e24cfd3dde20bbc50797cbb7de504b752e970c0c0211c49fed9a3837418d0055e606ca3ee9c95ddef939392a36ff775a448fb2268dc85573c09ff52d7328f7a32b47461eace88208a3613840580a3aaa5fee148a36bfb6f9c4b5fe7d7db04108d20b0825be069f7192b9409a0a3a0e0e268f70acb6fb1b6e66d0ae75812f9a243faa3c67c344998cb4d970296ab6f334898bbc1c0d9daa2bd4a9c2e15f7abb534e1cd069b0cd0c070032df7f9d90cfe03aea0eabdddd4bcd3c2173d1d14aed6fa2eea6caa376fa4e534b87a6ad794f2fc40daa35cc424b9466da5eda0b92fe28c5af79a1b9ee91d2b8d1bb8f6ddc6584bdc066382aace19e0a1cd826032ab020d0f974be9a5a3cb177fae2344459024b90e8cfc407d4dc8077ca48103668b99f1f4e654e746121151127a17bb4553552d5b2f5ebd23f52930b6b676939c3680beb41adbbde1592f21f5f38ca2297d1399ef6c224107fa3a3bd1edfe918de8e07e6032f2d04e82041b76ff8c9cd46301ff3544662edf705229636217f7b4a64f8d0d47bb741261f9b1fbe04ef22d8c0c737069793549513855fc77a1934b5cea4b5f5bfcb84bca5ac633c26fe2d85c6ea3fd04a4ef9e514e5d68c3ad27d42e94066eb72ea8ba6e4b1cdb80860578245469498185fda8338a159f1d29615f20ffa7aae0338c0a164ccfe3016feba331b9f18cd26b7b42cb93d48cb6a27d7e3b06cd59109ce63a5314b4448bdc66fb6d5ff76a95ebdf43af0235b3bd1c8b90b9653b2de79d5e26815c49ccf7d5a28e1e6886ab99ca48b401a30290197c9990f1d4c0c0be7fa1402618ec6e5cbef3844a678b37fa5e11e5b9e49229a17112397a9b3769c249044dc44bb3b78d6ae396443ac9ef20f213ec9781debff973a46cdac2616bd93203c4bd60e6bdf60587ee294b98892fb097fa6a9e03b04eb88182a7bec0e7d15348be6adb6f69807d2236f601e82da7ff67b4bb67a6251b994ae6e9ea8f537f608558966b7af1726451c7b510fcfd78829e5a7055b826c2d899ff1a674e0c0ffdba4741fed8aca2b3d4d1936997636ca00c66acd3976c1116669759659abf926e774c033b970283af7b8a7c3eb46e44ce7abbf626d7cc82a8f115d1678ee2d73f224fe89437ee2e27f31f83b5a515d0436282e0c7c9efb9978fd171aac27d45b46932d22d301e490f5a60e93cb1c62341296f5a06babaf0bdf19f8658772283e403b4b1d163404ce6b6a35e33aac36503c75216ccc8583890d16e30352eaf43073825fee89358d6b5b9f7c2071d90ca9655f8eded179c338aa2bd6fe7ffb264ed91f0298b93f63df1e2fe9541ae2c0a135b42f8a5ad5d67120a0a1775611a1f784eeab8d7dda5b2b76daee7e81fd3baae3ff6aabfcedc096918f716421e44b9ed95005422519875b506250b8ed7b88545460c8097fb4f4d35ff30bbdec8f35f24ecd7c0720759dbf4efc306fc639f64810cc99b60a35ab0ab84a91f83ad6c9ced88e80613025752872116693ab10f68d5e756dafd3454178f87141f2b6086495d4d78cfb0abcb5fa53bc18a633694e9c1f734c6a6b9e7c0c78d9666b695c2630a7b7c840f4b469657b85efe7dc20c0e6228b2b7e684205dd8766f089a609161c42948ae5f99bf2dda1fefd7b6e1c87a8cbb3ac90179acd56f46aacc82c8dc106bd77c11da5b735b270eed25fa1efa1076d24bd5bbb53567502b5c99cdab70760f601f8eac5c3ac74ba84e44e064810d3365e56c9796d719572447704954f905be72fc56907dc5e290574143aecc4df450e7ff9e57d3a051f638aee4cb76a90bcd04b1e8f0007ccc706cf632a40c70f3c7d9a83f669822f225dbd8ad9550e3ffe9daa234155215be017239ba1b8125ee3a47f93ebf3ac530ec863c7eb846c10d221c2854b2a9d708ec611a7eb68ecd2755c3fa4b671cbde2c53d94272522c902610dfa705da93d973b510ad51b25da90ddc672a35bdbceef886c8ac68d60994b31b21047eed4b24850f8fa25adaf31d5c3470a10784f5256bcac90999934267ce4be8d67fa1fc2bc30cf2fe77e49eb1e39db3283cc944c314cc795459c1da2df132a841c38fc011b1ef38a8f449111743d6177ec560495ca99bad9847290a888465963ceffef6c8dd34fe74f8eda1e8f5bb760ea6d2db14f844dc6284260313b8541108b314e119133f5cdf093f880bc6610fc56954d688ed77a836b93bf2be841b1917f1c0c4bda60d4c3c0cd680b913ee0846203f25b7ed6f9897cd8603a13833a9c1c8f58b07a371192ca5670cc06542f9cc04f02f70d081c1df947aaedf2132d846c52c0f8b1d18943908ac4864a0f2aa85a13b759e91be5708d8287c1c719c6cc86a5b22e55109ed6c4779dc86e33878c0d7c43ec42d06517258633f98e223c17babb43aef8917d37f4d02e1de77419843421e1e08949c635e67c40adf699b65f41ce122ba4eaaac51307a82c0507c6e26aa05959da928dfc25f0d5f2d59e8610d685153270ea88918f653a0b344480226447acc5dbd37e1c69176aea8967d8c83b46e188d95d7173c1473d71a70dd116cc4066b662bd8f8e9b9b036f8f1d869fa9b3cf15b43725be64cf15cd5e4d271d2815f426a2ffa7440c14c66ec9043b3615dfc8d4ebd6183c384826548afa83d9f3ef2fa9a7b3e5f65e40ff7c990b05178cc0cbcf6779fe4fc106b79db4cbbc6ceb0575b31e8ca937d8e06ec47024b15ebdac29765b5b55a08c0ea876fc0f13048cc16ae31bdc4c1c8e0b38aaeb8b5cdc3fb7534bd8a3ebe4ceb3535a4e521c887ed77826743526a45d1699307ef46e89e2de5f781cdb539c510b57d18bbc0c59ba1d9c01b31074715373a1f45eb7180ed03f53a2aad28db2a9d522aab61ca8978926d86cee1c7b222ac48cb7eff3d2e81d840a68f5ab03659ab303882365995b95cf9213d4a0f2b70fdfea1c84d291ed4fc94282d455481fd22cac78adf19473f5ad489aae6e10aa31f5779e13b8b1f51d188282faf1e6f6d2e63356ca806525a442901759399d417f987a61dacc0b0e0b4100c1dc9c80d68956c1bce2aa085bacda295aa6e1fd69e28131a0df665d3b89f8504f14f24f6a0441eb000250a91462af07a84d54e5d178ec49bbf937ab2f94e471e51a2c6f1672fed73ffe1a271c2b41ae6053f5c0e52b78a1456e7cd689db3fcf2af7fd78b62f219de43fa99dc99d99374894024ce01fd8cd1eea518992fe6d4cf21152e738e8f03b1027e644258a142b957310eab239ddceb0cdf3336352cdd4d1fe6c546ff358e1732b0878070aff6494b2bce1eae2db61f922dac4db2aa7fb36fd7f6605beb80bef234bb4fc8ea9231c1562526d0fa81e821634016bf90be0b88437ffa00f6c00ace294da153dcadd5d56780e500e3dd0bdbda249a06b86ca6975cbac5e89bc0a216fabe3d84e71f7627f6c2b1c728dc651da6949b10f7cefdd91cca06239f84e90ee068486517d1ef34ebb365c7fcbafb5043e87bef42b84f37f65911d1a9e41d4b57d109e1ec38d1998ff23cd57727a714b0432b4ddf71015da514482ebe31656102ae8c18e50f2edb7a03551979de50d09f1085a76c61093a4e9a2d8efc74fca2efd561553695067cf5e6f7543219a279b84c283dddd5f04395ff4b8668c381d03ea7bb23acbf348072411b1858d8960689a915ae56977816f055932f639acecb52e347ff8c7a8af4771f0b97960ad69a73c59853ce14ccdefa215fb423253d59fbfcb8b91d277cfd500", 0x1000}, 0x1006) 19:01:45 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x3f00000000000000}, 0x10}}, 0x0) 19:01:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x830000c0) [ 518.353088] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 19:01:45 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x65000000) 19:01:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open_by_handle_at(r0, &(0x7f0000000200)={0x7b, 0x9, "56f10af6ea4680db40d32371c90905642ff41db20c83bbe6780bc358973e3ec132ed44baba022ea9d9a9b570d44feb62e3996876bfded9544ed910e320c8d2221e5866a3753b2a6f4d8346104ff917bc87f7ffdbe590ea43bf83640ae9cee73228856b35961e706e41744962fcdaa8fd27dcc4"}, 0x4040) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000dad64a"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0xfffffffffffffffe, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:48 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0xffffff7f00000000}, 0x10}}, 0x0) 19:01:48 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40030000000000}, 0x10}}, 0x0) 19:01:48 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e22, 0xe3, @mcast1, 0x8001}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f00000001c0)={r4, 0x7ff, 0x0, 0x7}, 0x10) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r0) tkill(r1, 0x1000000000015) 19:01:48 executing program 1: r0 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={0xfffffffffffffffd}, 0x0, 0x8) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000044000)) timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000280)={{0x77359400}, {0x0, 0x1c9c380}}, &(0x7f00000002c0)) rt_sigprocmask(0x2, &(0x7f0000000140), &(0x7f0000000240), 0x8) 19:01:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:48 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x900}, 0x10}}, 0x0) 19:01:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f0000000080)={{0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}, {0xa, 0x0, 0x0, @remote}}, 0x5c) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000000000084000040"]) 19:01:48 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4000000}, 0x10}}, 0x0) [ 521.739940] kauditd_printk_skb: 33 callbacks suppressed [ 521.739953] audit: type=1400 audit(1537556508.886:183): avc: denied { map } for pid=20823 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0010020) [ 521.853684] audit: type=1400 audit(1537556508.996:184): avc: denied { map } for pid=20829 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:49 executing program 1: mkdir(&(0x7f0000f4eff8)='./file0\x00', 0x0) mount(&(0x7f000000a000), &(0x7f0000000000)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000001c000)) chdir(&(0x7f0000000240)='./file0\x00') symlink(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00') link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file1\x00') [ 521.922736] audit: type=1400 audit(1537556508.996:185): avc: denied { map } for pid=20825 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x4, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000080)={0xa18}) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f0000000500)=ANY=[@ANYBLOB="08000000130000000800000000000000060000000000000007000000000000000900000000000000000100fb00000000000000000000000000000000000000000000000000000000000000000000000009000000000000000600000000000000010000000100000001ff00010000000000000000000000000000000000000000000000000000000000000000000000000800000000000000f9ffffffffffffff7cd30000000000000005ff08000000000000000000000000000000001e83dea8000000000000000000000000000000004000000000000000000001000000000006000000000000008100070700000000000000000000000000000000000000000000000000000000000000000000000003000000000000007f000000000000004a0000000000000003ffc1000000000000000000000000000000000000000000000000000000000000000000000000002d0000000000000000000000000000000000000000000000017f180200000000000000000000090000000000000000000000000000000000000000000000000001000000000000000100000000000000020000000000000009944a09000000000000000000000000000000000000000000000000000000000000000000000000080000000000000007000000000000004500000000000000ff0501000000000000000000000000000000000000000000000000000000000000000000000000009e0b6a895c69b822aefa512e596a33f09400416530e5834da7fffd540785378c"]) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:01:49 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x34000}, 0x10}}, 0x0) 19:01:49 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4}, 0x10}}, 0x0) [ 522.096592] audit: type=1400 audit(1537556509.026:186): avc: denied { map } for pid=20830 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:49 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', r0}, 0x10) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r0, &(0x7f0000000100)=""/43, 0xfb) r3 = syz_open_dev$mouse(&(0x7f00000002c0)='/dev/input/mouse#\x00', 0xffffffffffffff80, 0x1) mkdirat(r3, &(0x7f0000000300)='./file0\x00', 0x80) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r4 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x7fff, 0x0) r5 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x9, 0x0) linkat(r4, &(0x7f0000000180)='./file0/file0\x00', r5, &(0x7f0000000280)='./file0\x00', 0x400) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 522.179506] audit: type=1400 audit(1537556509.116:187): avc: denied { map } for pid=20839 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 522.205487] audit: type=1400 audit(1537556509.146:188): avc: denied { map } for pid=20843 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 522.227849] audit: type=1400 audit(1537556509.216:189): avc: denied { map } for pid=20848 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 522.319753] audit: type=1400 audit(1537556509.226:190): avc: denied { map } for pid=20850 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 522.355511] audit: type=1400 audit(1537556509.226:191): avc: denied { map } for pid=20849 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 522.378555] audit: type=1400 audit(1537556509.306:192): avc: denied { map } for pid=20852 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:50 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x900000000000000}, 0x10}}, 0x0) 19:01:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x70001c000000000) 19:01:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x80, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) 19:01:50 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x400000000000000}, 0x10}}, 0x0) 19:01:50 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f00000000c0)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) r7 = syz_open_dev$audion(&(0x7f0000000380)='/dev/audio#\x00', 0x1, 0x101040) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000003c0)={0x0}, &(0x7f0000000400)=0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000440)={r8, 0x8}, &(0x7f0000000480)=0x8) r9 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x2000) getsockopt$inet6_IPV6_IPSEC_POLICY(r9, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@ipv4={[], [], @rand_addr}, @in6=@remote}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f00000001c0)=0xe8) syncfs(r0) timer_settime(0x0, 0x4, &(0x7f000006b000)={{r3, r4+10000000}, {r5, r6+30000000}}, &(0x7f0000000180)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:50 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x900000000000000}, 0x10}}, 0x0) 19:01:50 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x100000000000000}, 0x10}}, 0x0) 19:01:50 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp6\x00') r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x10020a01, 0x0) sendfile(r1, r0, &(0x7f0000000000), 0x7ffffffe) r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r2, r4) tkill(r3, 0x1000000000015) 19:01:50 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffff7f}, 0x10}}, 0x0) 19:01:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1c000000) 19:01:50 executing program 0: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) socket$inet6(0xa, 0x3, 0x8) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000080)={0xfffffffffffffffa}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x200004, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000380)=')security,{vboxnet0wlan1\x00') r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:01:50 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffff7f}, 0x10}}, 0x0) 19:01:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc000000) 19:01:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x10002, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:50 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9}, 0x10}}, 0x0) 19:01:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc0010141) 19:01:53 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x1, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x77359400}}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:53 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9000000}, 0x10}}, 0x0) 19:01:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:53 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x100000000000000}, 0x10}}, 0x0) 19:01:53 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x33fe0}}, 0x0) 19:01:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb000004000000000) 19:01:53 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x200, 0x0) write$P9_ROPEN(r2, &(0x7f0000000100)={0x18, 0x71, 0x1, {{0x2, 0x5, 0x3}, 0x3}}, 0x18) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000002c0)={0x0, 0xa2d, 0x6, 0x0, 0x1, 0xffffffff, 0x7, 0x9, {0x0, @in={{0x2, 0x4e24, @multicast2}}, 0xfffffffffffffffe, 0x6, 0x0, 0x1, 0x3}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={r4, 0xce2c}, 0x8) openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="27f61d06008bd800c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000006000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0xffffffffffffecf) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:01:53 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3f000000}, 0x10}}, 0x0) 19:01:53 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0xf}}, 0x0) 19:01:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 19:01:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="07bf3e3ef64a94d21e6b59230dbf5ce3631e8ce44b143cca68555fd8acb301720dd290bcd1337860c44cd1545d04402d563c"], 0x7) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000100)="2954b3", 0x3, 0xffffffffffffffff) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000000300)=""/106) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000000200)=""/90) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 526.777667] kauditd_printk_skb: 27 callbacks suppressed [ 526.777681] audit: type=1400 audit(1537556513.916:220): avc: denied { map } for pid=20981 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 526.879724] audit: type=1400 audit(1537556514.026:221): avc: denied { map } for pid=20986 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 526.988387] audit: type=1400 audit(1537556514.066:222): avc: denied { map } for pid=20990 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 527.054798] audit: type=1400 audit(1537556514.086:223): avc: denied { map } for pid=20993 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 527.078790] audit: type=1400 audit(1537556514.116:224): avc: denied { map } for pid=20994 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:54 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) perf_event_open(&(0x7f0000000280)={0x7, 0x70, 0x65, 0x1, 0x10000, 0x3, 0x0, 0x9d33, 0x1040, 0x6, 0x3f, 0xe03b, 0x100000001, 0x7ff, 0x6, 0x7ff, 0x401, 0x1f, 0x10001, 0x9, 0x3b2, 0x9, 0x2, 0x74, 0x2, 0xc76, 0x1, 0x9, 0x1, 0x1, 0x4ae2, 0xecc, 0x7fffffff, 0x7, 0x49, 0x8, 0x1, 0x9d88, 0x0, 0x3, 0x2, @perf_bp={&(0x7f0000000100), 0x8}, 0x50, 0x9, 0x41d, 0x5, 0x10001, 0x100000001, 0x1}, r1, 0xe, r0, 0x8) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x6040, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f0000000400), 0xffffffffffffff6e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socket$inet_udplite(0x2, 0x2, 0x88) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000300)={{r4, r5+30000000}, {0x0, 0x9}}, &(0x7f0000000340)) dup2(r0, r2) tkill(r1, 0x1000000000015) ptrace$setregs(0xf, r1, 0x7, &(0x7f0000000180)="56c073f4f1a8dadbf0ba6fa21a4b437e55241e381ff97eea5661572b051664f866f5cb0ed614a785a0a12d0d71adcb99c6491b4ff635b1451e807dcc5599e2b50f60669f3450ec5dd8856e676dbadc0b2e5a459667e8262a9fec7ccf4f3c6938b6d8f082b19ae5a7c4afe395b563bd3266bddb8dc7") 19:01:54 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:01:54 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x900}, 0x10}}, 0x0) 19:01:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7a010000) 19:01:54 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0xfffffdef}}, 0x0) 19:01:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000000)={0x5, 0xff, 0x9}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 527.102329] audit: type=1400 audit(1537556514.196:225): avc: denied { map } for pid=20999 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 527.138918] audit: type=1400 audit(1537556514.286:226): avc: denied { map } for pid=21001 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:54 executing program 0: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x40000, 0x0) setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f0000000300)={{&(0x7f0000000200)=""/231, 0xe7}, &(0x7f0000000100), 0xc}, 0x20) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="07ea86ee4b90fed3b017a87d56a4e5"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:01:54 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x20000090}}, 0x0) 19:01:54 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9}, 0x10}}, 0x0) [ 527.315396] audit: type=1400 audit(1537556514.456:227): avc: denied { map } for pid=21020 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x6e0) [ 527.409602] audit: type=1400 audit(1537556514.506:228): avc: denied { map } for pid=21023 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:54 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 527.445721] audit: type=1400 audit(1537556514.516:229): avc: denied { map } for pid=21022 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:01:54 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 19:01:57 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/mls\x00', 0x0, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x80008, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='pids.events\x00', 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r4, 0x80046402, &(0x7f00000000c0)=0x7) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x6, 0x6, 0x9, 0xf7, 0x0, 0x6, 0x808, 0x1, 0x6, 0xbf, 0x5, 0x8, 0x1000, 0x54ad, 0x7, 0x100000000, 0x9, 0x6, 0x20, 0x9, 0x9, 0x6, 0x5, 0x80000000, 0xb962, 0xdd06, 0x1f, 0x3, 0x9, 0x40, 0x80, 0xc000, 0x2, 0xffffffffffffff15, 0x2, 0x9, 0x0, 0x80000000, 0x5, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10810, 0x7, 0x9, 0x6, 0x5, 0x5, 0x5}, r2, 0x2, r1, 0x8) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='hybla\x00', 0x6) dup2(r0, r1) syncfs(r1) tkill(r2, 0x1000000000015) 19:01:57 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x20000250}}, 0x0) 19:01:57 executing program 0: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{}, {}, {0x0}]}) ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000200)={r1, 0x2}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 19:01:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff3) 19:01:57 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r3, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r4 = getpid() sched_setscheduler(r4, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) 19:01:57 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200000000000000}, 0x10}}, 0x0) 19:01:57 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3f00000000000000}, 0x10}}, 0x0) 19:01:57 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x7ffff000}}, 0x0) 19:01:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="0703000000549c"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xff0b0000) 19:01:57 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x400000000000000}, 0x10}}, 0x0) 19:01:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="8c7708483e8017c0f3255d7710e1070ef31b5fa96457d46191be132acf73ff0f0000000000003c486e2c38c2faa10fee2018ff002cd3a3a732c5b126286923ea6ae51e2f91"], 0x7) seccomp(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0xca9, 0x2, 0x4, 0x9}, {0x5, 0x0, 0x1}, {0xffffffff, 0xac, 0x8, 0x8}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$PPPIOCGMRU(r2, 0x80047453, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2, 0x0) socket$kcm(0x29, 0x5, 0x0) 19:01:58 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0xfffffffffffffffc, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x3c}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) mkdir(&(0x7f0000000140)='./file0\x00', 0x8c) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x7ff, 0x0) mount(&(0x7f0000000280)=ANY=[@ANYBLOB="186465952f6c6f6f703000d3bb8af038152a7111157a546c6c65774f7310314c365569bc76648c3db1776a51c49463462a5f319c961ad46cf0cb3d039f94e4ad5f539247fd8af4f78c0b2a8b0f7e5eb4d72a51d84dd7d1a571bcea1a47b72bf1c01d979eaa5e6016e53662c38ec03de3739c8761516b2bf3198996e936c8b2cdea60d4"], &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='autofs\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0x100b}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f0000000100)={0xa, 0x4, 0xfa00, {r4}}, 0xc) 19:01:58 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0xc0}}, 0x0) 19:01:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x15) 19:01:58 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40030000000000}, 0x10}}, 0x0) 19:01:58 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r3, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r4 = getpid() sched_setscheduler(r4, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000015) 19:01:58 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x2}, 0x0) 19:01:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7f040000) 19:01:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x2000800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f0000000200)={0x9, 0x6, [{0x0, 0x0, 0x1}, {0x2}, {0x18000000000, 0x0, 0x10000000}, {0x9, 0x0, 0xdc}, {0x5fc0, 0x0, 0x8000}, {0x1, 0x0, 0x3f}, {0x71e4, 0x0, 0x3ff}, {0xffffffffffffff81, 0x0, 0x201e}, {0x8, 0x0, 0xfffffffffffffff9}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:58 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x10a) ioctl$UFFDIO_UNREGISTER(r2, 0x8010aa01, &(0x7f00000000c0)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:01:58 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1000000}, 0x10}}, 0x0) 19:01:58 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0xfffffffffffff801, 0x50002) ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000002c0)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]}) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000200)={@broadcast, @loopback}, 0x8) fcntl$notify(r0, 0x402, 0x21) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair(0x0, 0x0, 0x8bbc65b, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ASHMEM_GET_NAME(r4, 0x81007702, &(0x7f0000000040)=""/74) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000240)={0x0, 0x3, 0x4, [0x3, 0x5, 0x1000, 0x401]}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000380)={r5, 0x100, 0x7}, &(0x7f00000003c0)=0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:01:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa00d0000) 19:01:58 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0xfe}, 0x0) 19:01:58 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4000000}, 0x10}}, 0x0) 19:01:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:01:58 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x400300}, 0x10}}, 0x0) [ 531.823498] kauditd_printk_skb: 36 callbacks suppressed [ 531.823512] audit: type=1400 audit(1537556518.966:266): avc: denied { map } for pid=21181 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 531.879939] audit: type=1400 audit(1537556519.026:267): avc: denied { map } for pid=21182 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:01 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r1, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r3, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r4 = getpid() sched_setscheduler(r4, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000015) 19:02:01 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x8}, 0x0) 19:02:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa001) 19:02:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f00000002c0)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 534.395345] audit: type=1400 audit(1537556521.536:268): avc: denied { map } for pid=21187 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:01 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:01 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2000000}, 0x10}}, 0x0) 19:02:01 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0xffffff1f}, 0x0) [ 534.548928] audit: type=1400 audit(1537556521.696:269): avc: denied { map } for pid=21201 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000940)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000100)={0x100, 0x4000}) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10000) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = syz_open_dev$usbmon(&(0x7f0000000240)='/dev/usbmon#\x00', 0x3, 0x100000000400002) ioctl$KDGKBDIACR(r4, 0x4b4a, &(0x7f0000000080)=""/52) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$P9_RWRITE(r2, &(0x7f0000000800)={0xb, 0x77, 0x2, 0x100000001}, 0xb) io_setup(0x7a, &(0x7f00000002c0)=0x0) io_submit(r5, 0x5, &(0x7f00000007c0)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x100000001, r3, &(0x7f0000000300)="a302149be71818abd019cef7f71b8a7f6c7dcf6e6ea931495c2f0c3d48b754ffe4dc213c07b31100b6f6123a1911355991665d344c5bb4ba435929d47ec43ab9f551b385aec1306e013280b153934a91edbd32f34b524251ea31865a9111e1725c85d7de90aa09f673aad0ca389711de40d2b13309472a3e41620400f89521ef948c919a98b21ccd480c0a9d16242cb5eb3cecc8c7241e66576e3cf586243e1cea2b94152bf44cd78fcc24d9de0e4fac8a010ce6f67ed71b96af826102803fb4e9e4946377a42150928e48315abdd2e46cd728288b14133a742393a3", 0xdc, 0x0, 0x0, 0x0, 0xffffffffffffff9c}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0x2, r4, &(0x7f0000000440)="06d6e37413ebf41fe65b9239eb89f285b3a5d826973dc568f23df4d915092e08befa56e9fa56eaf87c14321bd8fd31792840c36c6c70ff920ce94c0aa185d06ff6b231ccc89ec8ada0d4f592e46bc2de44965fb37f5b9060c62cdf7120cc9d2dbea696c764e915aa96a476f146bcf503aa0ff0b96f339b5a9c0109278f3f06c47349b73cd3f12ab262552a796f8dad5e10f725a4135eec63", 0x98, 0x6, 0x0, 0x3, r4}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x6, 0x8, r1, &(0x7f0000000540)="b38e3de1b2e00adab39a22e19824ac4d10a3afdf39f157717f41ca20b279d68edf69e181c28e0352947318b5a8c047b65851075ae6426bc422a718a35773f74cbd8e341ad3bea72d5a3eeb629b012ae390a8198f7728314e42497fd3beafd02a3c91635afc7af07336a9614b5b5a9b9118516344b65d2fe7b6dfbc777f75028e18b9b7a5be588a6b66af5d4450f86bd22ea6ca032482490d3b8f26c473583e8110a2f21fe1b7493bfca1b54c92d1c50e3d692ff40c08e4b5d88fbf65be5b049f2a03224560b565264d063ffcf7b7ebef5a81dd2b6496f218c42a40ca76ed03600cf4bc88aebce9621854514e799122261d", 0xf1, 0xfffffffffffffff7, 0x0, 0x2, r2}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0xb, 0x400000000000000, r1, &(0x7f0000000680)="d12745f2abd0bbbd2c51756113433981afc1a4ce", 0x14, 0x3f, 0x0, 0x3, r2}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x8, 0x2, r2, &(0x7f0000000700)="99dd973569a8b9c830feb2f304e90b103c790f7a8f1aa926766ea60969d9f80134c0300fde2675f7be741f11c4c937aa7db6186d7684288c6c417143212a024f1ac0c9ac5e29f2dc32790b337919a026f85d5f13", 0x54, 0x5, 0x0, 0x3, r4}]) 19:02:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4) [ 534.581205] audit: type=1400 audit(1537556521.706:270): avc: denied { map } for pid=21202 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:01 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4}, 0x10}}, 0x0) [ 534.644382] audit: type=1400 audit(1537556521.786:271): avc: denied { map } for pid=21207 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:01 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x4}, 0x0) [ 534.717223] audit: type=1400 audit(1537556521.856:272): avc: denied { map } for pid=21209 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 534.768957] audit: type=1400 audit(1537556521.896:273): avc: denied { map } for pid=21215 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 534.796459] audit: type=1400 audit(1537556521.916:274): avc: denied { map } for pid=21214 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07061d060000ca"], 0x7) r3 = dup3(r1, r1, 0x80000) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000000)={0x0, 0x6}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000002c0)={r4, @in={{0x2, 0x4e23, @rand_addr=0x9}}, 0x9d2, 0x9, 0x7fff, 0x8000, 0x3}, 0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 534.911515] audit: type=1400 audit(1537556522.056:275): avc: denied { map } for pid=21228 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:02 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:02 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffff7f00000000}, 0x10}}, 0x0) 19:02:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd90) 19:02:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x100000000000000}, 0x0) 19:02:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000200)={[{0x2, 0x9, 0x5455, 0x8, 0x0, 0x7, 0x6, 0x0, 0xbdb, 0x9, 0x8, 0x0, 0xc669}, {0x80000000, 0xedb6, 0x1, 0x40, 0x2, 0xe23, 0xfffffffffffffc00, 0x80000000, 0xa2c, 0x101, 0x100000001, 0x5, 0x2}, {0x7, 0x0, 0x10000, 0xfffffffffffffc00, 0x83e, 0x8, 0x5, 0x3, 0x7, 0xa1e, 0x5, 0x3f, 0x20}], 0x6}) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:02 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x200, 0x0) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r3, 0xc0305302, &(0x7f00000000c0)={0x2, 0x4, 0x3, 0x0, 0x3, 0x4de}) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="fd1c1d060000c39dca24df494f322c027bf8d78c75f6b672831504af09428e41e09d7fc350123e886e888d23c67f335ad8bb48ad354faa8dd3197574efa7f3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x40030000000000}, 0x0) 19:02:02 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3f00}, 0x10}}, 0x0) 19:02:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) [ 535.451542] QAT: Invalid ioctl 19:02:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x200000000000000}, 0x0) 19:02:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 535.546134] QAT: Invalid ioctl 19:02:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x34d564b00000000) 19:02:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x33fe0}}, 0x0) 19:02:05 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) ioctl$EVIOCGSND(r3, 0x8040451a, &(0x7f0000000080)=""/145) tkill(r1, 0x1000000000015) 19:02:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xff, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="7a3792642783198f70db2a38bb4c78ab0b3cdeec9edac0925fd6323ce23a137143f385bcc0b8f96a97952d4734565f0076aeddeb4e2103ecbd7f8d012f731d4b25607d2b6bd1d9cb9d4d2205c93b933a8b6c97fb4ef1dc27646095c7f02da56af8d6a9261bc9dd2a5573f45fae89bf629aa4fa93cbaefc0919ac6b4249d03f30a9c121a7bb18a08b6b919970d3e83c051c31a59bcee93b378529e807db6a5b16a3b2d3b2ba069bdb83b4d8bb0b8c08d2bba04869addecd2465a0917b100fb4", 0xbf, 0x81}, {&(0x7f0000000100)="bb4a3c788fcfc79ac8644ca62f", 0xd, 0x80000001}], 0x410, &(0x7f0000000440)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r3, @ANYBLOB="2c747970653d930308a52c3ccca3420af33e702e05e8"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:05 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0xffffff7f00000000}, 0x0) 19:02:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) [ 538.340918] kauditd_printk_skb: 17 callbacks suppressed [ 538.340933] audit: type=1400 audit(1537556525.486:293): avc: denied { map } for pid=21306 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 538.375747] hfs: invalid uid -1 [ 538.384165] hfs: unable to parse mount options 19:02:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0xf}}, 0x0) [ 538.439067] audit: type=1400 audit(1537556525.586:294): avc: denied { map } for pid=21319 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0xffffff7f}, 0x0) [ 538.506811] audit: type=1400 audit(1537556525.616:295): avc: denied { map } for pid=21317 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 538.563465] audit: type=1400 audit(1537556525.706:296): avc: denied { map } for pid=21323 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 538.635355] audit: type=1400 audit(1537556525.746:297): avc: denied { map } for pid=21328 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 538.669228] audit: type=1400 audit(1537556525.766:298): avc: denied { map } for pid=21327 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 538.713326] audit: type=1400 audit(1537556525.856:299): avc: denied { map } for pid=21336 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:05 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0xfffffdef}}, 0x0) 19:02:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3e000000) 19:02:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x9000000}, 0x0) 19:02:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x4000000000000000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) r3 = gettid() ptrace$setsig(0x4203, r3, 0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffff7, 0x2, 0xffffffffffffff7f}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) r4 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0xef6, 0x200c80) ioctl$EVIOCSKEYCODE(r4, 0x40084504, &(0x7f0000000100)=[0x6]) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x40000, 0x2000, &(0x7f000000d000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 538.805215] audit: type=1400 audit(1537556525.946:300): avc: denied { map } for pid=21343 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 538.877602] audit: type=1400 audit(1537556525.976:301): avc: denied { map } for pid=21344 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:06 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x20000090}}, 0x0) [ 539.034947] audit: type=1400 audit(1537556526.056:302): avc: denied { map } for pid=21349 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:06 executing program 3: r0 = syz_open_dev$usb(&(0x7f00000001c0)='/dev/bus/usb/00#/00#\x00', 0x9, 0x420800) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000280)) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) seccomp(0x0, 0x1, &(0x7f0000000180)={0x6, &(0x7f0000000100)=[{0x2, 0x6e8e8bb2, 0x80, 0x7}, {0x8, 0x4fc, 0x7, 0x4}, {0x40, 0x1, 0x3418, 0xffffffff00000001}, {0x100000001, 0x5459d4b9, 0xfffffffffffffffc, 0x100000001}, {0x1, 0x1c, 0x9, 0x6}, {0x5, 0x4, 0x99}]}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f00000002c0)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000300)=0x20) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000340)={r4, 0x46, "69822a3f335d56ba7f326cee77ca3495d7bee0206e576052704de881fd842488790731306d6d104b09b07ecd939b090b17d402c52dacb473e01d7e562f79b0fe3e291cccc4a6"}, &(0x7f00000003c0)=0x4e) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4) dup2(r1, r3) tkill(r2, 0x1000000000015) 19:02:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x2000000}, 0x0) 19:02:08 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x800000000, 0x80040) ioctl$TUNGETSNDBUF(r3, 0x800454d3, &(0x7f0000000080)) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000700)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x5, 0x4, 0x5}) ioctl$BLKRESETZONE(r3, 0x40101283, &(0x7f0000000740)={0xffffffffffffffe1, 0xfffffffffffffff7}) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00000002c0)={"85cbf1e68287208b2ab51a66f3813892882bf07f59911b91a63fe53caa9a131e57ad23d6ba0c2d65619e943c8ec840b55072f659833bffe3d8010d3aff48412eeb8e96984870ca4db0136d9b28423af9b14a936a369eae776446f5855ffbbc37e88c5ea89d20e79f50b8fe401d72b65b0c2919da193bb099874fb730dba914f14fe2ce4b0f32fe0cfc21c7b7a4feb278ec7ac32e7bd469aa160547d60e8d42bfba2c9663063a056350b8c97d8f926172223d594e4499de9208aa29127cfc037c4a49de3b8f35f534be868f619037e126c6e75de12d7698f3987b3d5c4c1f3f6dc644301a6666cb1fcf0b08410caadaf0352ebd198dfd24a646cf590c42593f5436caae18c7397f706a83fef488984180f340e49171ee18bafbfe9e566c0fb2dd2e57142bb7dfba049882a941534d4ce6d111b4beb23ec006206c2a9d0f4a69891efd51c47de8dc915fe811c26fac7a321aeada8ea603bb07c540e33435f0a686a0e171f8834c4c16d12bf9d926fa3d65abb604dc9422e3066f3c3488f8643a9c2f9f2d217f255869f98dff54e4367b2d13f8844ba4ca42035446fa7a0aaeade3b5ccad95588405ec0dd4835b023f75fd7e1290dd955818bba45b730a25eb102352a20f1fcfe9c4b985ebb826d7f0d72e965dbb402e37ff0b27476b13dc76c03467dad2c06fae54e2eef7dec0622dedcd2869b80b48977aa2ae382957aff91057928b07bf63f2be9a78f94ae061e1b839126e6e268e6ef5d68caec810753133bd0bfca3bddc4280cabcc30f322941daa81c6b95169640e7d6df34255b449a5c5fda0d755c6f6325e1d66c4ce93869ed69883abb7197811015be1440ff42cef900fe0bd05c15c68ee5bcdfa6d6b66d832fb29061cb899fddf355b668a37439199412ce8cbee8c28744a40479c35139198b0e26f9b15c7e09306b07c7fe9d256567bbaa91cdbb6e17f317c1e122bd45a75f2e4937e33306fb6a32025ae257bf775e8addba2efd7cf76873a29b917cdc471c4d6c7c295a80834c093c1c93cfebe1271165a9cb732d43fb2ceffe0f128feeacae2a094e95d8596be836ceec4ea4eda7f9bfcdbf454efacb5a77b5b9ea106b3294ebda4c584284c745a10cc7dc655e0283f0a9fd5c84a3b35c1c0f59485658f9a468ddd03475361945f91f5c5269aea1ed4c86fc7c6260b7e1e77532061f8b928d97270259940a6cb02f798e4377be2433375283aa16f17b99bc08c997834fed40e29d424b2d818ae45b3613e6694bb186c6bc18ab44a37676fff7bcf0c120eaa6c78d3efca9c8a8b1cea1880ebac2388860eb7799381068197cc937ab17587f51953837d07775dd33faf6161364cc48419f41bb2f801ccd952cdb81dd942422148eb94f50e18267a4a82a93f5b77877bc7a8dfb4eb2ea7cd9089100ca4b18f52095b04d95b6309741266a09bdbf72a4"}) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000007c0)='tls\x00', 0x4) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000780)={0xffffffffffffbb3d}) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="0000001cdd5359931a82aa0042c900"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) recvmmsg(r3, &(0x7f0000005f80)=[{{&(0x7f0000000880)=@in6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000cc0)=[{&(0x7f0000000900)=""/209, 0xd1}, {&(0x7f0000000a00)=""/170, 0xaa}, {&(0x7f0000000ac0)=""/125, 0x7d}, {&(0x7f0000000040)=""/11, 0xb}, {&(0x7f0000000b40)=""/24, 0x18}, {&(0x7f0000000b80)=""/34, 0x22}, {&(0x7f0000000bc0)=""/254, 0xfe}], 0x7, &(0x7f0000000d40)=""/189, 0xbd, 0x7ff}, 0x2}, {{&(0x7f0000000e00)=@alg, 0x80, &(0x7f0000000f80)=[{&(0x7f0000000e80)=""/186, 0xba}, {&(0x7f0000000f40)=""/55, 0x37}], 0x2, &(0x7f0000000fc0)=""/161, 0xa1, 0xfffffffffffffffe}, 0x5}, {{&(0x7f0000001080)=@pptp={0x18, 0x2, {0x0, @broadcast}}, 0x80, &(0x7f0000001340)=[{&(0x7f0000001100)=""/87, 0x57}, {&(0x7f0000001180)=""/131, 0x83}, {&(0x7f0000001240)=""/46, 0x2e}, {&(0x7f0000001280)=""/178, 0xb2}], 0x4, &(0x7f0000001380)=""/98, 0x62, 0x7}, 0x6}, {{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000001400)=""/237, 0xed}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/4096, 0x1000}, {&(0x7f0000003500)=""/154, 0x9a}], 0x4, &(0x7f0000003600)=""/163, 0xa3, 0x6}, 0x20}, {{0x0, 0x0, &(0x7f0000003900)=[{&(0x7f00000036c0)=""/237, 0xed}, {&(0x7f00000037c0)=""/42, 0x2a}, {&(0x7f0000003800)=""/101, 0x65}, {&(0x7f0000003880)=""/105, 0x69}], 0x4, &(0x7f0000003940)=""/145, 0x91}, 0x6}, {{&(0x7f0000003a00)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000004cc0)=[{&(0x7f0000003a80)=""/124, 0x7c}, {&(0x7f0000003b00)=""/57, 0x39}, {&(0x7f0000003b40)=""/4096, 0x1000}, {&(0x7f0000004b40)=""/215, 0xd7}, {&(0x7f0000004c40)=""/90, 0x5a}], 0x5, 0x0, 0x0, 0x8}, 0x9}, {{&(0x7f0000004d40)=@llc, 0x80, &(0x7f0000005e40)=[{&(0x7f0000004dc0)=""/4096, 0x1000}, {&(0x7f0000005dc0)=""/73, 0x49}], 0x2, &(0x7f0000005e80)=""/225, 0xe1, 0xfffffffffffffffe}, 0xfff}], 0x7, 0x2022, &(0x7f0000006140)={0x0, 0x989680}) ioctl$KVM_RUN(r2, 0xae80, 0x0) creat(&(0x7f0000000800)='./file0\x00', 0x34) 19:02:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xe006000000000000) 19:02:08 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x401000000000015) 19:02:08 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x20000250}}, 0x0) 19:02:08 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x9}, 0x0) 19:02:08 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x7ffff000}}, 0x0) 19:02:08 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x34000}, 0x0) 19:02:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3b00000000000000) 19:02:08 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000100)=""/43, 0x14c) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) prctl$setptracer(0x59616d61, r1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) recvfrom$inet6(r2, &(0x7f0000000080)=""/33, 0x21, 0x20, &(0x7f00000000c0)={0xa, 0x4e23, 0xdb, @mcast2, 0xa1}, 0x1c) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x3, 0x8}) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000980)='/dev/vhci\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f00000009c0)={0x0, 0x80000001, 0x30, 0x7ff, 0xbc}, &(0x7f0000000a00)=0x18) setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f00000002c0)={0x8, {{0x2, 0x4e21, @local}}, 0x1, 0x5, [{{0x2, 0x4e23, @multicast2}}, {{0x2, 0x4e23, @loopback}}, {{0x2, 0x4e21, @local}}, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e23, @multicast2}}]}, 0x310) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000a40)={r4, @in6={{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, [], 0xf}, 0x981c}}, 0x6}, &(0x7f0000000b00)=0x90) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:08 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0xc0}}, 0x0) 19:02:11 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:11 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x900000000000000}, 0x0) 19:02:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x30001c0) 19:02:11 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x400040, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000200), &(0x7f0000000240)=0xc) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f4d63b265d25e80600d3ab1295c12f2b5ef1393dfbbbb0b3a50c"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 19:02:11 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x2}, 0x0) 19:02:11 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r3, &(0x7f0000d65000)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000017c0)=ANY=[@ANYBLOB="1c0000000301ffff00000000000001000000de44277800080008005d"], 0x1c}}, 0x0) recvmmsg(r3, &(0x7f0000006100)=[{{&(0x7f0000000080)=@hci, 0x80, &(0x7f0000000200)=[{&(0x7f0000000380)=""/170, 0xaa}], 0x1, &(0x7f0000000440)=""/4096, 0x1000, 0x81}}, {{&(0x7f0000001440)=@hci, 0x80, &(0x7f00000016c0), 0x0, &(0x7f0000001700)=""/149, 0x95, 0x5}, 0x7188}, {{&(0x7f0000001dc0)=@pppol2tpv3in6, 0x80, &(0x7f0000002040), 0x0, &(0x7f0000002080)=""/215, 0xd7}}], 0x3, 0x0, 0x0) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) accept4$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10, 0x0) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 544.480763] kauditd_printk_skb: 22 callbacks suppressed [ 544.480778] audit: type=1400 audit(1537556531.626:325): avc: denied { map } for pid=21434 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 544.559806] audit: type=1400 audit(1537556531.706:326): avc: denied { map } for pid=21445 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:11 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0xfe}, 0x0) 19:02:11 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x4000000}, 0x0) [ 544.671108] audit: type=1400 audit(1537556531.816:327): avc: denied { map } for pid=21453 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8701) 19:02:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x50631f1c, 0x20000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100)={0xffffffffffffffff}, 0x113, 0xb206c8717fe7275e}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000240)={0x10, 0x30, 0xfa00, {&(0x7f0000000080), 0x3, {0xa, 0x4e23, 0xbc6d, @remote, 0x80}, r4}}, 0x38) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 544.776085] audit: type=1400 audit(1537556531.866:328): avc: denied { map } for pid=21455 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 544.805245] audit: type=1400 audit(1537556531.906:329): avc: denied { map } for pid=21463 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 544.827445] audit: type=1400 audit(1537556531.916:330): avc: denied { map } for pid=21465 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 544.827476] audit: type=1400 audit(1537556531.916:331): avc: denied { create } for pid=21442 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=0 19:02:12 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x8}, 0x0) [ 544.892296] audit: type=1400 audit(1537556532.036:332): avc: denied { create } for pid=21442 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=0 [ 544.935390] audit: type=1400 audit(1537556532.076:333): avc: denied { map } for pid=21471 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 545.039286] audit: type=1400 audit(1537556532.186:334): avc: denied { map } for pid=21475 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="87d61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x400000000000000}, 0x0) 19:02:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xe803) 19:02:14 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setfsuid(r2) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r3, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r1, 0x1000000000015) 19:02:14 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0xffffff1f}, 0x0) 19:02:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)=[&(0x7f0000000080)='/dev/kvm\x00', &(0x7f0000000100)='/dev/kvm\x00', &(0x7f0000000200)='em0\x00', &(0x7f0000000240)='/dev/kvm\x00'], &(0x7f00000004c0)=[&(0x7f0000000300)='/dev/kvm\x00', &(0x7f0000000340)='\\/wlan1)lo\x00', &(0x7f0000000380)="65746831766d6e657431132d265b2a00", &(0x7f00000003c0)='em0wlan1selinuxvmnet0eth1ppp1\x00', &(0x7f0000000400)='system+#$),self)\x00', &(0x7f0000000440)='/dev/kvm\x00', &(0x7f0000000480)="2b23f74073797374656d286370757365742a6e6f646576766d6e65743100"]) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x10a) 19:02:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x900}, 0x0) 19:02:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x900000000000000}, 0x0) 19:02:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$assume_authority(0x10, r3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x0, 0x36328fa90debbcdc) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x5, 0x101000) 19:02:15 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:15 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x2000000}, 0x0) 19:02:15 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x2}, 0x0) 19:02:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x150001c0) 19:02:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="07f61d06000084adc7e033c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:17 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x1000000}, 0x0) 19:02:17 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x3f000000}, 0x0) 19:02:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xa000000) 19:02:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000200)="c4c211a65dad67660f3882068d000f019e0a000000eac38c00003b000f231d0f47222e3e660f3881b0fc8e073c26660f78c30000660fde2cae66baf80cb8960be984ef66bafc0c66b8007066ef", 0x4d}], 0x1, 0x1, &(0x7f0000000000), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:17 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ip6_tables_targets\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000100)={0x101, 0x0, 0x2}) ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000180)={r1, 0x100000000}) r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) r5 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x800, 0x40) ioctl$RTC_UIE_ON(r5, 0x7003) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r2, r4) tkill(r3, 0x1000000000015) [ 550.607012] kauditd_printk_skb: 20 callbacks suppressed [ 550.607026] audit: type=1400 audit(1537556537.746:355): avc: denied { map } for pid=21562 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:17 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x9000000}, 0x0) 19:02:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x400300}, 0x0) 19:02:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="000000f5ffffff"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x6400000000000000) [ 550.816671] audit: type=1400 audit(1537556537.956:356): avc: denied { map } for pid=21573 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 550.853126] audit: type=1400 audit(1537556537.996:357): avc: denied { map } for pid=21576 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 550.902425] audit: type=1400 audit(1537556537.996:358): avc: denied { map } for pid=21577 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:18 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x200000000000000}, 0x0) 19:02:18 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x900000000000000}, 0x0) [ 550.963094] audit: type=1400 audit(1537556538.026:359): avc: denied { map } for pid=21586 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 551.067610] audit: type=1400 audit(1537556538.206:360): avc: denied { map } for pid=21594 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 551.109265] audit: type=1400 audit(1537556538.246:361): avc: denied { map } for pid=21595 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 551.146320] audit: type=1400 audit(1537556538.286:362): avc: denied { map } for pid=21601 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 551.169659] audit: type=1400 audit(1537556538.286:363): avc: denied { map } for pid=21602 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 551.202568] audit: type=1400 audit(1537556538.346:364): avc: denied { map } for pid=21603 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0x1) sendto$inet(r3, &(0x7f00000002c0)="ab26ebfcced0264e9dd46ff8cec7c0bf8a987b2f20fbe302475a236404f15230fdc58db7d65fbb62739814675ad4acd55d979139ce68510799670a9c0edc67adc3e885e9f3a9be2dcd1eba1eb5ca02cddd51d761ce83ae360d8f325b62bdba84e0aeb02152948bd8a20e34e471e10ffd690ede6ac200e348ea1ba7a807b35a40f2372b9775113a45d935e1befb7f6ca6ac9e09e26c55a7e7979b1894c61a5c3c05af2f1a63b0b0bf7ea19c645e2e7dab66665cafbaf2d266adc16cb7d6701fb4d512161b2bece5ae8a3beff2908f35c7f045cc08645cda4a20cde8e01d9860429cca3ebb2fe24b3e3f86d7c2cc8cbd", 0xef, 0x40000, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) 19:02:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x700) 19:02:20 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000080)=0x4) 19:02:20 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x40030000000000}, 0x0) 19:02:20 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x3f00000000000000}, 0x0) 19:02:20 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:20 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x400000000000000}, 0x0) 19:02:20 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x200000000000000}, 0x0) 19:02:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1200) 19:02:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="b385f99b25f6060003c300"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:21 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x4000000}, 0x0) 19:02:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0xffffff7f}, 0x0) 19:02:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = fcntl$dupfd(r0, 0x406, r2) write$P9_RVERSION(r3, &(0x7f0000000100)=ANY=[@ANYRES32], 0x4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x8c02) connect$bt_rfcomm(r4, &(0x7f0000000080)={0x1f, {0x3, 0x9, 0xffffffff, 0x8, 0x80000000, 0x6}, 0x6}, 0xa) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x480) 19:02:21 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:21 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x9}, 0x0) 19:02:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x1000000}, 0x0) 19:02:23 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x2}, 0x0) 19:02:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1b) 19:02:23 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x10001, 0x7, 0x0, 0x9f8, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x7, &(0x7f0000001880)=""/190) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x1b, 0x1000000000, @thr={&(0x7f0000000280)="b28fdce1370777f320e81ddc2871851f2b9356c4c6218529f02667ffcda73bd632281ea67944527f0765e98f42b237e41aeb5220bed7afe283c7e65ed8217b85928742a01df8401a016cb3f50ed7c2d8fcc3877766bf9798dfe5a402848933497257162e42a1e99c70ad33e421b7c234c2943d0c4d55ce06c6be73eb638b730f680296a40e03ae70feeff6b69f42cd3405b1897cfaaff5a650561b91ec", &(0x7f0000000340)="d90578dfb6382c034cf1d17d7cab61f561e64dee8cca0f61fc868d51ae13878049e9b27869333e598d811a51048320868ea40fcbfce54ffd18aef793ce28b73c886dad517b54fdb09683344d9294901ff02dcb05f8727f7fff473369de306596c82d5033ef77ff79270be2d7564383d45dcc31ce25eb3e60ca2c0417711916886b9b093ce7f525056a47ce24d746366a9da13b1467866c42129558188a1cd328d2b3934d95c8fc584296088c98d3889a9c402cce6535be5a5574ba8935bd6d4c624e26"}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) sched_rr_get_interval(r1, &(0x7f0000000080)) r3 = dup2(r0, r2) tkill(r1, 0x1000000000015) writev(r3, &(0x7f00000017c0)=[{&(0x7f0000000440)="1daa02ceb205ae3ba58db693582f947d536b7d09e6eda1e6678045f901674718d6a2a9e60e7bb94a1daf8dfae2a09075a57aff214738c26a8ccec613a717b5ad4b218ee7364f00025a2fc33a2af6e626c47e7a6d63f65c28a758cf5880a0190c60564231c56f2edb3c136721c1b1a832478826182cf31be0004b7ca85ea671c34f75308d98e923b31d95400afcf1d1804bc571", 0x93}, {&(0x7f00000000c0)="2164d6dc29de427250e3fabbdd99e0b813ec01f2e909106791f89c6094ef83a77892e34e159910b25aeddba728b2247925219d30a2155a30ea083370b555704fe1afb703959f648cb7db6e649e1442c24efd7fff367866b97add25c301906b0512962c09a7f5ed3818d39b70658a424a597ae6bb6f1cb094", 0xfffffe15}, {&(0x7f0000000180)="90ba6ad148a9bc3e53feb4824ee633c021a083bb6f699b965c2696501cf834", 0x1f}, {&(0x7f0000000500)="83eb875b70834ab3d9ecb41d0d200670610894264e349b30c299346964c0d3a1d8d1e8c76a35988851bb4448eaa9e405081173c1580ef656e8067733e7351892cb9f72c0a92f3ac4fda4f5fe3bc7d8a81745f8f814527fcb7cef921050f4b50cf9bae91c132b1c0e6715dec928c3cf99ce075a47474f153df40a4789c1fc11444834e9f4fae227f85451de8b683ed2cb3191bebbdf185091272f68cbe40aafd0fa65b7c7bbea9988e4ac63bd82dbbb0a51969d1e47e4755dea131f15ed99dcb1006369a2babd98e9360a91ad9f9ae21d8a6284a50f2bbeb470bf9861891634a98c8fa50fda3a784eb9a7e0a6f679e279c7ac63076c37dc4bd7774fe588f9d8a0db5a512ed1392fdd3b0ea9b988ec23cf55683f117a7a0889b80d9e99cb3ee8b47cad362513b68a8d51d87fc8860fc3a153dd7f246df7eb2ce18050c19c5627eeebf6b35929d853f057504e8f098adffea04659bddd59bd35a79d356ba4b5c7857a6d7d6284e218937293a43f5c72829d4248bbeb7742ee56385efc058da73e3cfdc56382ef9f1f6dbd942453e9173e4209b762c4310e4949b905fa11d3f165eaf725ad9ebc2b95f8f0cea12c1a5a3b3d68e4896be4502aa485d67de309484df634cab801f5230e54a05c640210a8767691b97756a4ada7a2f99d9c894aff2fd2a031db17885e4158c42319853c313ee6cd05b4c7ad0adc8ea8ea91e8da662f38ea178d12be6fcd7cb0642e2b54ed98ece39da84eaed070a844f48986de4bedb33a5b7bd53e8322fe77f02672353ca473f7c706b10ccf25a63ee6d9c9e716c92e739c873b62c0f6a0ae30668381bdf6aba95a604ff086ffea4174488295c5f063ea27a1c940270d97215bba438caa252803847656972012db2da6fc09ff2f135b6e2b1025210fcb3f127da6e7af72ac474e7087bc90e5f5087435c70c8802aa0ae17c770cf46bd347eeaf0435d8ab997c30f01dc2f03bf611e782def120d06634f751009c97005f92ba639fa5a6d9e21cfe8e12ff510a61025ee7e525ff21ecbfab7aad7138cca5fbf4d72804c71dca61645fecbb2fd9f068872deefe90ec01394c85cd70b14793c13a0ca814c4957181cf8736d4f733ccb790cf7a1bc5319f98504c40630c47b9a6b2d5a22821c1687716bf008a01fd3892bd0f52af8969e531029cd7e0eb851ddf4e1e8dcf43ca8f91dad6a3f3733e0ccd17fe16ef7d595ed205fb89318920633af8ea2dd16eb89446cb29391b4449b1c6a5c0f48682745fa2d539aa8a0c21ae63b3ad6f8318c2d16739ed4f7d1d0d3badc0623e433ed660973d01cab095e4d64d58c2c4d19767014b503a395566b2a07ae5231aa8eb9fa689cc3752a2a509cf69a48cc13b64a36da97db33c77df855797f0b6692c4ce515dfe16211019f71781f96833bcf3d3e64f5760e3fde8082155e01eee9fcf52d08c28612fea8e7c4d1e037295a0958cb29691dd6f1b1c0dbeb1997b8efb25c118ca54c87882bf805886d14f4d28ac43ca73052c7a2e510b3eab2444e5fec27509409a8f2d689e94255fdb6d7958ee0c850b337b76384ebc814c6c9df066736720279a867e8616341bbbd31462a6add15464170ae4a3701f9c8a82f81700c1c5c6ccea146ff779f664728b7cb3329c226e7566adceab75932c8ec498c765699e2f04403c029b23e13adeadd27e6c00035820af19d51bb3694ce17c2a0455a9687caeb73f203797c7449c2d5a067a65311c8a90d438de9c3b8e4fd10a195c16a77fedbd48dd85e87abc56915979d189ef82c6450691ea2e79479ec545e8fc4d2e8484571ee1b344a53ca030e0524c1a88faa38b2a4d5efe4ddd5b863151b7ad9bf0021bb1e7388b11f6ea57c365d968b3e2e8a345e86da365a07e654fa1ad1acb0fb52ab0039dbb2b6afde8a6c53270af1b1f86995ad0662d9abdd2aa5d6267be1019d38042715cb7f8a4fd271f3cbfda7f3d101de3ce0952ff84b8dac61f09b7cae978eb111567ebba07b7dd1a992cd85d4828ea2d10075d7f90438097bbc93a758eaf341bdd63d7711160bd75bb9202973ca1aa7b49df04be1c4e9f317631a5f0788057bcfdadb9acfc702ef72b3132ace9615ac0e48c22d3aef83ca26e91bb3b39ee2b8cd9a0b721b97ab7f24ae843cdf38c8240bf66bc35886cb53dadbefff8f69661b1ab386bee2d1af192f272cd3339980ab4381e6eacdaf2728ad0f614e18767005467af8b4477a4517517f1d47687dd4f796530e08b75e5be663aa7ba01e10ec4660254bae799e6a90ca571010a57161eadeb95dc815b0cd7469495412b4380b673e94cb34bae20685ae2ff1a44b1f7329b5e7f1b6982207c22450dd894d3f59890a35e51d9d0d3f5f36262c43ad005f3096220a686ee4cadcbed1e3618f7d75642bba43cad4afdccd975c85e35b8fa157c6a99e513edbf6123e912c23a21c32030917deab08130b145ef57961a077364fb2d0d3a342fe4973fb8e107ff96fdd1524adae0a56f1bbb6f4e81003091e7acc6f27cdd35f652322d5be907580e2f8f2d64a0a18ae35adb214db1071098107b7d7514855d5a472f473c6aff7bfa68b8424bff630aca34f8ecf012029f726b9feee0a32dcb2571cdbe7bbf71c223d0bad551efed372ccf6f9fe02a3a7056f790be847bac49acdfcfa549c40585617607c1f290c28cc23b5f13611d8fe4a66dce0562372a1ec1df822ff88eef2c5063ee7b267075f5c15596558af8e0b14829ee0644090ed04f2075931e3d627965800980b49d9b947f9511d04c8c3945af813226b8e94efa8ff55b3f4133e86809393c86c912929a1114de9dd3b391ff5a3fa6fe39f47d7f795bf6d04fa7127f82e2848a6318c741fc0d0f305c914e4028711af169985a80e8efa3773879068edfd5f38a2ac9edfe96a3d7fdbf6e704409b8aad8fc795ecdd9729c5162f3a18f90ffcd691b2eb181cd894e4a886f17d8dd45399cce7ed30202f6e7578ebb4d4c7d9de8799fa7d4e745dd640896bf8d654eb6117a3c1e1565a3e20d0d4ee0232116b8b94bf6e069d9649e62c21806f74f1d7c2a3fe0513dad7f34c63009760f175bb6c235b4ed7b91b324349a11dd056709afed43ac070bfbeb8fcbc10d350ac1b01c8fe06afee098b6f82d1b141f47c99f742df526911ee6a146dba6758db77cc655f51b736c24ed1af8404e2e5b78aa6f4bd48b05e48c24ba8d37139bac5875f4f2d04a5c9bde4e436f5f693303d1e28585fbf6bb09afa58e99d8fc4e82aa36277ec3d6a59645958eb5c9293f86aebf78f5425e141fddcbae07c7b11081a8a20739f93c46d739effe8ac87ba8f90db8f305eafa765562e17654b8f73b806eaec6be978477bf14421dbe6625e88efbef242a64dae66cddcb4987fabfe1ae079b94ddd3861aed9908c08f035ace55f0bb4182262e507c3dc41083d5af2d0772e1b7d5be763f436c07d27821b6520c157172fb95a2d8d2b8a10370d2a059839f2937c4754f23993e28bb4b1fabfb37b551c950cb046c17488d78769d76ef19a4b94f97361085e91de121f05a3cc3f5626dea946b6742ad7af6cc9d1848cd1d87d90e4db6fb0b7bda5d7a50e2b20c8c6d909fd2f924536b6c2d6eb9026d96958d37628f06a08446ae1f4aa07a158877d849c759a57ccfe480d59ad9e50a5d27feb7f8a57c1b70a6a9eee08c95ab64b28102d1be383320c446a33bf55b0812cb6890ab87805e133d975eee8595058879d0872fe1a0011cc2300d21b1259eaeef0ddbb527a48f94d45b746f1175ba2e51e201443fa6d00f79ab728b5cd0664e7fd591bb1eeb314d120e0b4d5ede5e1e34d05036e1628cf502456f0eb9cfa0719f58931f5b65255aadca0e8e7789695fd6e8edef593eb15d48fed20ac8586e8c1e68cc0a729cb1f4c5e0ad2beb38b57de658c22569d71671c3869d25e83063b2c30cbe14acca1044ce4f3e1af1373a15d2848178fb9162f20767b5dd4621fff7175e2dad2fc3542333f413159bd4268cee5f1cab90842d41a33d4f661646ef933fe4aeafcc6528e8e4c1abdddb181365c5c25df3dd3071f00ccb647c17903157cd2875f5b20884ceff128a129b5e9e0bf4bdee16977e4b67b2e325f8c771d39832bff805f3c845976257bec2faea65255dae86c10785c8af72a0097c36c2964bd6f3e93b4d6bfda73959a9fd43d8895f5c28d8a7a6196196aff3746ff65609ee7ce3a70ede65da4c1944632d64efb83f6d8e7cbd74365b922879038689377b1767627dbbc2df599ee651cf510e2316b48cd9aa5e2090ed3e3289f131018a65bcf0c81097e3e00659edcb690547ae827fc8347fa9aa5fa2f30d7f52aefd9180bdb4fbbc45fe3ac4fc30202300ece21d27bc69177e68343f6b6bc17c99b302c3403197aeb3d1b11a165f846f4fb0531ae5059ddf331b23b7d653eb8e48e623e520fdaed0abbad84bfdca5a45b56ed9accdb55dc858fee65bf02b1c71431508f523992c107d2d47f29215d22dc662dd0a5b608c8741bb70882a2847f288a805378d1405a72c3d13066f5961808611d23748ccd9d5a763709cc1fdec859f584bfb44c7fcc45037f42c9f2e0ee1f9f50bee83bf041388bedf82ac7c26761453038e974d3943945203db2fedace8250c4355dd0978b6bd6292eec33a68dd1c317461969a2e84c94961ddff3c4dd7500f6f98aa9d410ef20a70e518af5cca22c4f81021c85b53db1ecfaa50cd0bfdca3866f167a692eb1584af881dfb122afb594b7e3b8088738a1b2a38f54c18ed57c26880a9a8f3bd189af822ddacecaa47802415dde1c3a27bfd3b78861582068f702039b7a57f27cc4d2dda435580278bd75ed0b41bd2fae82c43098ff44e321d274b85d382a5d7b0f15a89a5cf6538441d42703a400f2c43b6d4597cfbc415cda0bb7b0d5f7209746cbf13033abded98265339f46132df97aff83f9bd487ff20fde657eff2a6136bce735bef8253f7a97bd8942143b71a0750f476f5043ae970feb828dc45c3fa4b2a1aa35dcff7291ef7928f2cd0e2a3f419504a181cd45620f4bac3cdbf62c63ad2aaf88df2b0adcdb6194e159e345fdd67e4bcfe6d027a3f127d378da03518c8016a61d2c9d09276f1a37e68da144eadf4ee4e7e6fba73391e70000b053ad6a42b08686b8f4d59eed238257161b98ba0f89152109915f1f1f61293de12617d5ccb903e75f57830f42100ddfeb361c515f7022a1a638881147df4868d2d3351632c5bbe655160d7e51fea8bb77b2169b9620b70e92a2ea4f8a7283775d81f4237676eaabd688a0d0be185ec68ac202db45ca8aced6d80735c61d310ef52399bce7dfbe86ab845db1429e319e11c132330a3c10561b1a01a5a86762404adcaf8c577d92e9f3cf6c3917636454ce1ece0376e208a0cbf408d4af13edb4c06b68a1774b61237f4a273be6cefff9bba83b2fe2eff3a269cd4aaa2d9949d0d19a1cd0eacfa813914e326dd32911474b6e3d96adbec9a5f7fa1f59eba577077d180d1a140d3a188d74cd6a4bd8006aa299a041006090794a956ad595e7ae2b2c270ab8611edb9f16d6338c6ea16345c39664c8c2c75f0fb81f332795b226884819e7759c58f10152c9e73ea6ffc20170590cd7c9d55510a8e3eb8aa4da08424bb2839f4a194d91dd5d476351cbd0619498a8b3f72dff4c03f6f098d2c2b4d81e7d3ec6ae226fc026d851c5abb42973cc25d21b811778bdca8ea62f25fbfc6ac96f3c4249b3d66d4c6f9f437acf6a07413ca0eafa9c1561a6342c4644cf13394ceeb515ce67123c4caace8b39e2b333c8ee64e3a1", 0x1000}, {&(0x7f00000001c0)="6cff3c361a4c4dff241cdef81718adebc7a848e167b6db5d0b423a92e031", 0x1e}, {&(0x7f0000001500)="3fe5425856b7d5a38a13ef3858f3a5a46a8c0fd214984516a8584eb019afbce6d3d6dcb5f814dc61cffc4d6bb0e86fa45572453629c8070f7224e136acedc26f3e7924b342193e491423e5df68e48bacc146a341cd98", 0x56}, {&(0x7f0000001580)="04c7c38040d8fdf9fd7926a6ff72551ec34e874f5c0d057d82d9ad27311f5de36d93295f3a57223c7c67c47b09b288ab6d756dfa155ea3870632a8e0a29f0f3bce9e37d0c316f9afea99a4f41cfc46023b04e13dfecdd4d70df82ecdb7731ce00ad36200c2691037be2ab6fe47c88835601761e547ebe94705ea5fa3969dfc4fcafae05935e91553e095a96bf1", 0x8d}, {&(0x7f0000001940)="aa4cc26080f0a3c9b07fd54bea5fc05650e835276fc906c94ef048c9f7253abbce920f721b32c7c278fda5bdab85f3728e89d241f8bf9aad3e3c22bfc858b07f49cf9a123d2e070d0fbdabb5f1d0849dfedf3d5f53513defff9fdf80fa99a22c420f", 0x62}, {&(0x7f00000016c0)="7f10a2ab4c4ec58964ac87abd1a3a80ddc86cc1a3248b9d515cc37a819d4fe98ce4cca6448512711a10cf55fc4ae17c9a7a36f5317c05c525e46689cceb105ff502d56c8eb0827c1cc49ed732f3ccd09ce7ed7ae9ce5cf68eab9f7b16bf628d215e0e1ee909867f58d5552d905d9364da7b1bf61b1d237100226a08055ecb0929fc7589b10f58760db6031e9574460314be1dadfd7ad137cb41a3a16781d4f1a5bc267198b49d2dfbecd287d2c643a1e4a7f4af9d67ad1b6b4cefd98999c0c", 0x4a5}, {&(0x7f0000001780)="a60cc9bfb3d03862daa6c92f25d4c267f309bdcdb8f7f873a9875df0e57e44696838781fd5f391471462ebcadf31a92d43432909f9b415ec", 0x38}], 0xa) 19:02:23 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) socketpair(0x0, 0xa, 0x40, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={0xffffffffffffffff}, 0x13f, 0xa}}, 0x20) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8dc, 0x20}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x48, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x14) ioctl$int_out(r4, 0x1, &(0x7f0000fd3ffc)) get_mempolicy(&(0x7f0000000380), &(0x7f00000003c0), 0x81, &(0x7f0000fef000/0x11000)=nil, 0x2) write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000340)={0x12, 0x10, 0xfa00, {&(0x7f0000000080), r2, r3}}, 0x18) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="6a769c7ad800f39b20ce516131a82eba22e0c50005008ec211f80d4c539bde447680e191cca91e97ae15774fe466d72a0c41da666ad733ccfc5f31fcae6e5a45e2bfe13c62403fa918fe4c826ed7fcd41a"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_S390_UCAS_MAP(r7, 0x4018ae50, &(0x7f0000000000)={0x2, 0x1, 0x2}) ioctl$KVM_RUN(r7, 0xae80, 0x0) 19:02:23 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x400300}, 0x0) [ 556.750633] kauditd_printk_skb: 19 callbacks suppressed [ 556.750648] audit: type=1400 audit(1537556543.896:384): avc: denied { map } for pid=21688 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 556.796431] audit: type=1400 audit(1537556543.926:385): avc: denied { map } for pid=21693 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:24 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x4}, 0x0) 19:02:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="07f61d060000c305bf5f654384a2ada275af1f6f908e9506c89dc02e9c56b8e58eec6b94165eb6043849a662ab50155d6ca8ef5b7cac2d6c0d9ba312cab6c48d40fdd95a345de0a24b4120e5ec0a4b3cef326b11a48c2c1fd6770f547f272e912889997f045f8ae5410ec5f5a01c0342239862ea43da789a681469031542dd7ed8"], 0x7) fallocate(r1, 0x2, 0xc000000000000000, 0xd6a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:24 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x400300}, 0x0) [ 556.908548] audit: type=1400 audit(1537556543.936:386): avc: denied { map_create } for pid=21685 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=0 19:02:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb700004000000000) [ 556.979011] audit: type=1400 audit(1537556543.936:387): avc: denied { prog_load } for pid=21685 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=0 [ 557.002198] audit: type=1400 audit(1537556543.986:388): avc: denied { map } for pid=21698 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 557.040152] audit: type=1400 audit(1537556544.086:389): avc: denied { map } for pid=21703 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 557.062544] audit: type=1400 audit(1537556544.176:390): avc: denied { map } for pid=21708 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 557.091684] audit: type=1400 audit(1537556544.176:391): avc: denied { map } for pid=21710 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:24 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x100000000000000}, 0x0) [ 557.137576] audit: type=1400 audit(1537556544.186:392): avc: denied { map } for pid=21711 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x8000, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07b8d6cb690af6"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:24 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x900}, 0x0) [ 557.235810] audit: type=1400 audit(1537556544.376:393): avc: denied { map } for pid=21723 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc00000000000000) 19:02:24 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = memfd_create(&(0x7f0000000080)='()mime_typeposix_acl_access\x00', 0x0) ioctl$ASHMEM_GET_PIN_STATUS(r3, 0x7709, 0x0) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f00000000c0)={0x8, 0x40}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) syz_mount_image$hfsplus(&(0x7f0000000100)='hfsplus\x00', &(0x7f0000000180)='./file0\x00', 0xffffffffffff1610, 0x5, &(0x7f00000006c0)=[{&(0x7f0000000280)="d9d0fb9a5e76a4f3f7d0c2c7077c596dc3f107ae7710bd096dde69616356f3473ea468b625ce94984afde1e4107e4af3f161254b4ad0d573dec31975f459756c3d4bca3d66b452e3487519304de118c1ab6fce955c229fd938f489c24e8b8e9e7e4849262155e85f854ffead1039af6b07f4206b6fb2c28bb2e153cf3236870f6fe7802bc8e8c45dfbb5940a3c23068f137afab2", 0x94, 0x80000001}, {&(0x7f0000000340)="8712928c3e75fba5fdde82aaf7c3aa3f924fca20d7937384064e997426ab3b4839e6400bde4f781edde7c2774b5a6b2b629ed68162e5afb477350ba52fc8874dcb82d5f9fde3245b283dac8184f257213a6d83a154cf761af645f4f93c982575f32478990f0795b709b8b2833e145fb4336c73142ebdab2dfe3dfd8e08c54927e2dc8a571b3668dfc2f298e9448c7ddd18712d5db6c1b7d18190fbb1d646b4c3ce4c72711ec55f6a95501f6cb43deb2ca9287304d7e7", 0xb6, 0x401}, {&(0x7f0000000400)="018543f268749ef4691e8a93e3f6c142b946ff3826db392ea465bf5198fd6ed3a0a181c4cef2bf009c19e005cfdceb4d844723eaa585df6b76e2e2492e620b4fe742ffe34e36bcea8a51decdf53f96cedde377d20a71670c495743f15d983fa4a92b507550790a172d02a871418e67113fbbaaef83d654e6ff8cd9fd78018de3cf8e32092054dc84762306dc86225deaed58adefa84c96047c12b8022672ee6fdab4b32b4116400777e906234e0e7430ffc09e3e1afa633dd80a2eec4c921717b6221800a7bee3e4b4e2db80bc", 0xcd, 0x8}, {&(0x7f0000000500)="31ae6d9128b495daa571fcdc3169085b06aaffa21de48c3cfb6f56ac83e98f55a0d08828675cb8dc6194586e30fe3e0143ff72454d7716e5c8b2d93c495bf307e4702215052728f7724c572499ac8e3ddc8e925efd38fe094e7ae17f52ea957325f33e0ad1718cbfc8e851dfa6fab4603570c34520c9c62bbf489359310004aa521dcc190d2a2a16c17f01e55a6c82f51b5397896132b7c8415c454fde5896576a71e57ac9ef8e5a5395", 0xaa, 0x9ed}, {&(0x7f00000005c0)="c3ead5b30c0bc906d51e46841b0717a34e3441d04f641372ffeb3a2e1e483b015b9463faea1d2d022a7ed403d589c40dc6837a4afa49bc6ae500a91d6973821ac0cda638a6fe437a55f89a628d6d975beaee80b08575e29006e663a815d2c9ba6561175f97c81e179eeca9b0d621199863d985799495cc9fa7622964a7654032200f3b1b75f40da19d72522f01ab9f438a74a4ed8efc001f26e54a221bd802d8f7bf113cfec9353c0adaecf39e4663df8d34afdf952ea54d9e5d0691eb53a8a02190f97406d47d89ce6db8371d4795", 0xcf, 0x8000}], 0x8008, &(0x7f0000000840)=ANY=[@ANYBLOB="73657373696f6e3d3078303030303030303030303030613538612c626172726965722c6e6c733d63703835302c73657373696f6e3d3078303030303030303030303030303030382c756d61736b3d30303030303030303030303030343030303030303030352c00f55e363ee2e2e16ab16fa0b66f79ffb10d1938bf5cf30c05b96c7c41069168811c2a80661d42f7e9d2f5ab952a9193444df2fc398ec65853a0cf4d0eecb6c6b538c508b10c897715d584807150720ff4bd46a8c689cdd1ac5f19ef3f11e4bb62c674a30d70623b3df6"]) dup2(r0, r2) tkill(r1, 0xe) tkill(r1, 0x1000000000015) [ 557.544438] hfsplus: invalid session number or type of track 19:02:26 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:26 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x900}, 0x0) 19:02:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x80000001, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:26 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x3f00}, 0x0) 19:02:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x8000000) 19:02:26 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x800000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = syz_open_procfs(r1, &(0x7f0000000080)='stat\x00') setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000000c0)=0x101, 0x4) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{r4, r5+10000000}, {0x0, 0x9}}, &(0x7f00000001c0)) dup2(r0, r3) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000100)=0x7fff) write$P9_ROPEN(r0, &(0x7f0000000180)={0x18, 0x71, 0x2, {{0xc0, 0x3, 0x3}, 0x2}}, 0x18) tkill(r1, 0x1000000000015) 19:02:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="9a0000fdff000013656f0794cb60995244441c4045b104170000000015000000001a4e90"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:27 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x34000}, 0x0) 19:02:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0xffffff7f}, 0x0) 19:02:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7401) 19:02:27 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x1000000}, 0x0) 19:02:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb) 19:02:30 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x4000000}, 0x0) 19:02:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xd901) 19:02:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x4}, 0x0) [ 562.894728] kauditd_printk_skb: 23 callbacks suppressed [ 562.894743] audit: type=1400 audit(1537556550.036:417): avc: denied { map } for pid=21808 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.059347] audit: type=1400 audit(1537556550.206:418): avc: denied { map } for pid=21826 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.104672] audit: type=1400 audit(1537556550.236:419): avc: denied { map } for pid=21827 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:30 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000012) 19:02:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x400000000000000}, 0x0) 19:02:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x34000}, 0x0) 19:02:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x7401000000000000) 19:02:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000000)=0x12577344) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 563.145191] audit: type=1400 audit(1537556550.286:420): avc: denied { map } for pid=21828 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.172678] audit: type=1400 audit(1537556550.286:421): avc: denied { map } for pid=21829 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.223235] audit: type=1400 audit(1537556550.356:422): avc: denied { map } for pid=21836 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:30 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x9000000}, 0x0) 19:02:30 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x40030000000000}, 0x0) [ 563.367625] audit: type=1400 audit(1537556550.506:423): avc: denied { map } for pid=21844 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.458007] audit: type=1400 audit(1537556550.596:424): avc: denied { map } for pid=21849 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.489120] audit: type=1400 audit(1537556550.596:425): avc: denied { map } for pid=21851 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 563.529506] audit: type=1400 audit(1537556550.676:426): avc: denied { map } for pid=21856 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:33 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) write$P9_RVERSION(r2, &(0x7f0000000100)=ANY=[@ANYRESOCT, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYRES64=r1, @ANYRESHEX=r2, @ANYBLOB="6eb56b9831257e8c8a80fc12ae715b7f474475858f219ddce1f83b622e4c6589585f63b233f885febfe6dc09a9e325cdee"], @ANYRES32=r1, @ANYBLOB="16261987690f874b679409ae21bec64c85e7dca51b42a6e63f7612f7e8990e3db14565ca40b9113cd08295f831740c2c99ff184aed40fd5ff1bd4e21ea85c8c1a96bbe7e5f811f283558c113cf8d90c78b1842851f27d4364d3d9f9cc86c792e406a6406c75635419f805c8f0862b142f7abc136510f489eb3e8c051f82a113922784ee798738e04cc99e14120f9a6b4de1a8a2ed2cb60b42de23a6b5a754ea828244b333f5ca639523c3b366b1090ed68cb1d4d120afa9f7da1907dcfcf09de0a88f70a909147a5a87d08e257ec4c3737a09fafd25337c260ffddf531b029dd1770c20bd7a312788389670ee87a6577557c614fcc3262a7", @ANYRES64=r2, @ANYRESHEX=r0, @ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYRESDEC=r2, @ANYPTR, @ANYRESDEC=r1, @ANYRES32=r1, @ANYRES16, @ANYRESOCT=r2, @ANYPTR64, @ANYRESOCT=r1, @ANYRESHEX=r2], @ANYRESHEX, @ANYRES16=r2, @ANYPTR, @ANYPTR64]], 0x1f) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:33 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0xffffff7f00000000}, 0x0) 19:02:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x12000000) 19:02:33 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0xffffff7f00000000}, 0x0) 19:02:33 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x9, 0x5, 0x70d, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f00000000c0)={0x0, 0x10000}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={r2, 0x3f, 0xff}, &(0x7f00000001c0)=0x8) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r3, 0xfd, &(0x7f0000000280)=""/4096) read(r4, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) getpid() timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r4) tkill(r3, 0x1000000000015) 19:02:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) r4 = syz_open_procfs(r3, &(0x7f0000000040)='mounts\x00') openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x400, 0x0) ioctl$NBD_SET_TIMEOUT(r4, 0xab09, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000200)={@dev={0xfe, 0x80, [], 0x1f}, 0x8001, 0x2, 0x3, 0x6, 0x40, 0x4, 0x8}, 0x20) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="07fe1d0600a8f8411f8ba06e2fd9a938cea3bc6d5af5c3236b63c4b4d8ca30d8f58316f16ca588d8ebfc0abe64c382c287247a5504ef6323d3c34b94eb92ad01440ac2e4812afd28b9758058553940268446a68636506f866516e7f98f1ea218479b0baa1112d970af8afc140823aae08c8ed1d82808bf02a47558e6821aad4eb249264955e24d5b400e7d6d93bb2614f2b03e103b7e93f87c365ffac8b13c7230c7346ddfee2349f00108bc06c0e0f14711061c2129b5c48808eb597fb5eb76f8e6ccab92dc86d04171d0ee300eba369ce0ca0415038aaedc5950d0edde87"], 0x7) syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000080)=[@cstype0={0x4, 0x3}, @efer={0x2, 0x8000}], 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000003c0)={@in={{0x2, 0x4e24}}, 0xfffffffffffffff7, 0x8000, 0x1, "35b71021b4e76c03a7b86cbd9750fd0f09a6db776c7a31f6bb7b539aa3f67dd7f17d9f8c9e30157a85f68407d2e5f417a84b48337d244b6e3b344719acfa332e8247712db1171e90a556fd637a546918"}, 0xd8) ioctl$KVM_RUN(r5, 0xae80, 0x0) 19:02:33 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x100000000000000}, 0x0) 19:02:33 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x2000000}, 0x0) 19:02:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xec0f00) [ 566.178491] *** Guest State *** [ 566.186331] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 566.195826] CR4: actual=0x0000000000002060, shadow=0x0000000000000020, gh_mask=ffffffffffffe871 [ 566.205847] CR3 = 0x0000000000002000 [ 566.209812] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 566.216783] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 566.228024] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 566.235131] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 566.241708] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 566.248837] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 19:02:33 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x200000000000000}, 0x0) [ 566.273131] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 19:02:33 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x9}, 0x0) [ 566.324339] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.365910] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.383025] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.393902] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.404749] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 566.413000] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 566.421133] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 566.429306] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 566.437333] EFER = 0x0000000000008001 PAT = 0x0007040600070406 [ 566.444225] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 566.452364] Interruptibility = 00000000 ActivityState = 00000000 [ 566.458723] *** Host State *** [ 566.458741] RIP = 0xffffffff81210ce6 RSP = 0xffff88014caef350 [ 566.458765] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 566.458780] FSBase=00007fed0de2f700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000 [ 566.458793] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 566.458808] CR0=0000000080050033 CR3=00000001d4cf8000 CR4=00000000001426e0 [ 566.458825] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c013a0 [ 566.458838] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 566.458843] *** Control State *** [ 566.458853] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 566.458862] EntryControls=0000d1ff ExitControls=002fefff [ 566.458877] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 566.458886] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 566.458895] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 566.458904] reason=80000021 qualification=0000000000000000 [ 566.458912] IDTVectoring: info=00000000 errcode=00000000 [ 566.458996] TSC Offset = 0xfffffece5ababfd9 [ 566.468142] EPT pointer = 0x00000001c244b01e [ 566.590912] *** Guest State *** [ 566.594273] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 566.604131] CR4: actual=0x0000000000002060, shadow=0x0000000000000020, gh_mask=ffffffffffffe871 [ 566.614627] CR3 = 0x0000000000002000 [ 566.619127] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 566.625654] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 566.632937] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 566.639015] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 566.645019] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 566.651763] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 566.659824] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.667807] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.675907] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.684694] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.692762] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 566.700787] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 566.708830] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 566.716837] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 566.724879] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 566.732899] EFER = 0x0000000000008001 PAT = 0x0007040600070406 [ 566.739389] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 566.746849] Interruptibility = 00000000 ActivityState = 00000000 [ 566.753135] *** Host State *** [ 566.756334] RIP = 0xffffffff81210ce6 RSP = 0xffff88014caef350 [ 566.762367] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 566.768818] FSBase=00007fed0de2f700 GSBase=ffff8801dae00000 TRBase=fffffe0000034000 [ 566.776647] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 566.783502] CR0=0000000080050033 CR3=00000001d4cf8000 CR4=00000000001426f0 [ 566.790658] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff87c013a0 [ 566.797333] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 566.803483] *** Control State *** [ 566.806948] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 566.814318] EntryControls=0000d1ff ExitControls=002fefff [ 566.820019] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 566.826988] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 566.833719] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 566.840358] reason=80000021 qualification=0000000000000000 [ 566.846701] IDTVectoring: info=00000000 errcode=00000000 [ 566.852224] TSC Offset = 0xfffffece1efda090 [ 566.856560] EPT pointer = 0x00000001c9e7301e 19:02:36 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000140)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e01) 19:02:36 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$NBD_CLEAR_QUE(r0, 0xab05) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f00000000c0)=""/43, 0xf9) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000080000015) 19:02:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x4000000}, 0x0) 19:02:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x2}, 0x0) 19:02:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 568.992855] kauditd_printk_skb: 17 callbacks suppressed [ 568.992870] audit: type=1400 audit(1537556556.136:444): avc: denied { map } for pid=21922 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x400300}, 0x0) 19:02:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x4}, 0x0) [ 569.157025] audit: type=1400 audit(1537556556.296:445): avc: denied { map } for pid=21941 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 569.187591] audit: type=1400 audit(1537556556.316:446): avc: denied { map } for pid=21940 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f61d060000c3"], 0x7) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f0000000200)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x400000000, 0x0) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r1, &(0x7f0000000080)={0x40000001}) 19:02:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xce00000000000000) [ 569.278679] audit: type=1400 audit(1537556556.416:447): avc: denied { map } for pid=21948 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:36 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x40030000000000}, 0x0) 19:02:36 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x2000000}, 0x0) [ 569.318877] audit: type=1400 audit(1537556556.426:448): avc: denied { map } for pid=21949 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 569.462678] audit: type=1400 audit(1537556556.606:449): avc: denied { map } for pid=21961 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 569.488481] audit: type=1400 audit(1537556556.636:450): avc: denied { map } for pid=21965 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 569.535732] audit: type=1400 audit(1537556556.666:451): avc: denied { map } for pid=21963 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 569.582391] audit: type=1400 audit(1537556556.716:452): avc: denied { map } for pid=21966 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 [ 569.627876] audit: type=1400 audit(1537556556.766:453): avc: denied { map } for pid=21967 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=0 19:02:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="070500000000c3"], 0x7) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x2000) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0xff}, &(0x7f0000000100)=0xc) syz_open_dev$audion(&(0x7f0000000300)='/dev/audio#\x00', 0x4, 0x610402) setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r4, 0x7}, 0x8) getsockopt$llc_int(r3, 0x10c, 0xb, &(0x7f0000000240), &(0x7f00000002c0)=0x4) syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x20000) 19:02:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0xffffff7f00000000}, 0x0) 19:02:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0xffffff7f}, 0x0) 19:02:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) getpid() ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:39 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) sendmsg$xdp(r3, &(0x7f00000006c0)={&(0x7f0000000100)={0x2c, 0x1, r4, 0x2b}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000280)="037c1ac17760f702e67ecffd9b7f92ac79a0a4616b3b78d25422b042cb7f0ead4799d43e7e277acc3b54f433b3b51c609cb347c93c492dbf02b2d163f7fb8dd143120330b0a79c965c5c6f253b88bf364e1924fee14a18cc341c23bad6890e5ff862d39c006dd25d6e1fecdcefff7ba0974d22822e6622455011687436095af3bc5fb00c8b9a47b45f42453fb86366a310e442c8256aa0217b859bb8451a", 0x9e}, {&(0x7f0000000340)="9f0f7f04ee29bd63b9ae06955010794e49853189498e1f3f6e2a22897ba5a7e86f614df42c0ad140092b1398c4cac529b1b6646ce427d956ed152e9fb6fa4de183f405091d3829cb223d7e61e20ffed7d9bd3fa8a9dd59152c657e4066352b6476a7aa3920836e28fc07ac68bb05e2928ee430f2d650ca7ebd5a1005b1ddf23ca8fa0909c6a23269d65913f64bf5fbd719637d6c00f8009f7dac7d67f7a83dca5bfacfe7c626c38ae992355f873e53ae0f74cf483d9bae4668e6b87f4f4453ce2cc3a54a59f992ab226566d9634d", 0xce}, {&(0x7f0000000440)="b015256e8cc20878601f65a5a6d1b122a789ce82b76476fc99ea03553f53be2db2649c1b3d37a743773c966e965647a8a74bea08ccc798a032933360c5a4b13012b7fa0fbd795c31bcf6bb7faf98921f6b63dcb9c41c064354c06d887abeaf2e712ec3fb2d332640b0abbed90e3a65e567bec9506a1fc4d019e088061c12d313803f5dfcb6c317", 0x87}, {&(0x7f0000000500)="8a3aaa30f01b9d72418a02ce5f6ed1a2d8874249bf7edd298550c2728828ae6bf50fd9860574a74947435b26e71db01053e4bffb6408d71ea2ed2ce4d8f4f6d8da89589e99e1805bcbe821268e03ab58ad3b5c2c57a72015d68e1e71128defb92ec32542cfc8d1eb2f4040822c1566813811fbbdf4738e2ee1c22b4db45b6531e6e71095f241c52f3c9f3ac816fdac13d482064384f8ebe4d2fc41b916475f90e690268366c15d620c39b19a931668b2c456a5e5706ca6889503d401e3bc5a091d41bfbd0684cc1324cd6d2b99490dacf6372047e5b5a29acafeff142e6eb88acac77c361e5f3bfcc80aaf8c756c80690f257d1f1e", 0xf5}, {&(0x7f0000000600)="296971e6a460895ffbbce0eab2e392852e86ba197dc6e96f469bb3f97a764c26bbd0a9423c89905a1d7e2e2ab821ccd1568f21027cb43b462fc0d50337bcd8132e6f1cb213fd4c4fc74e32a17f590ee13cdb16f707167257bbe9882f7756212904a8423652f381ecbfe266c1a2ff525a3659fd466d1939577434a6b8d0b4f9c3c1800abf4087266b3215043866", 0x8d}], 0x5, 0x0, 0x0, 0x20000001}, 0x801) dup2(r0, r2) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e20, 0x400, @loopback, 0x7}}, 0x8000, 0x80}, &(0x7f00000007c0)=0x90) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000800)={r5, @in6={{0xa, 0x4e21, 0x4, @local, 0xa7}}}, 0x84) tkill(r1, 0x1000000000015) 19:02:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) clone(0x206102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 19:02:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x34000}, 0x0) 19:02:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="00007e73a7a3d1c45a022ef24109f83e95f296dbea82d4d63919a6339f3ec7fbfc9e5d161566246a4cb0577105097ace816e5390df0b8f574449880f9074bb7cf46deff143c05d2f37a6371a8d0f2f62700ce5414a298d1644ba55c2d967214e8bbf49c6fe485d1a31458567bad6"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x300) 19:02:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$bt_rfcomm(r4, &(0x7f0000000100)={0x1f, {0x4, 0x0, 0x40000000000000, 0x4, 0x2d, 0x3f}, 0xffff}, 0xa) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x40030000000000}, 0x0) 19:02:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x9000000}, 0x0) 19:02:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="eaa005d0956b30b9d5800396fc5fb7582761b7a32cd5b134f3d6108904113b3a72936e1328052d31b406839b50f9599fa9693022eb9e313ed26cd5bdf512bf4fd3a8093d00b9e316ac39040811a1ef2c48fe7a67a3fb14c8d7940000000000000000000000e0f9e1d4e39150632ccae59a39cda4fe5e129d1e7a05baf20ac174c10717dd41e30b1ae2f72c766b6def3a7d3b"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x0, 0x0, &(0x7f00000003c0), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0xff, 0x10000) ioctl$sock_bt_bnep_BNEPCONNDEL(r3, 0x400442c9, &(0x7f0000000480)={0x0, @link_local}) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x20000, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x7, 0x80}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000340)={r5, 0x2}, &(0x7f0000000380)=0x8) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000200)=[@in={0x2, 0x4e23, @local}, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e24, 0x0, @mcast1, 0x2}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x16}}], 0x4c) r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x111002, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000080)={0xc6c}, 0x4) 19:02:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1c00) 19:02:39 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000080)=0x0) tkill(r1, 0x21) r2 = gettid() r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) fcntl$setpipe(r0, 0x407, 0x4) read(r3, &(0x7f0000000140)=""/43, 0x2b) getsockname(r3, &(0x7f0000000580)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000440)=0xffffffffffffffde) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r3) tkill(r2, 0x1000000000015) 19:02:39 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:39 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x100000000000000}, 0x0) 19:02:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x400300}, 0x0) 19:02:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x4b564d03) 19:02:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="6a4058df81c95555fc627cd163237c5ba011ac771fe151e88b86c692d51e0cdc7c185f5ad8dbc47239a4650f349a0bf0432606a6bbcb4c85adbf360db4455d982b52f96220a04c95c2b19bb6c7ac4aa3ab45db793a8f6ab2861b42989628fc385ec19fd971cf4ba86b5fa82337b2913e2e114a61c419067d84b8feb314184d902d9e93a1a7bbfbdc32143be6dd272748d6377411fb118949a4f4b940ce1d9a6d9d4c393bf47b47f1129d079e2ac436c68c61ff723909ad66609cabd48d9af053a3989f01727b853fc4019b612f5cc8dbca88086a16db50f1b18aa6fcb45052178297e32f40c9538565b98d08"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x20080, 0x0) mkdirat(r3, &(0x7f0000000040)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x9}, 0x0) 19:02:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x900000000000000}, 0x0) 19:02:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="07f614060004c3"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ppoll(&(0x7f0000000000)=[{r1, 0x4200}, {r1, 0x2002}, {r1, 0x100}, {r0, 0x8}], 0x4, &(0x7f0000000080), &(0x7f0000000100)={0x400}, 0x8) 19:02:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x9e000000) 19:02:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:40 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x12, 0x5, 0x4, &(0x7f0000000540)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000580)={'vcan0\x00', 0x0}) connect$can_bcm(r1, &(0x7f00000005c0)={0x1d, r2}, 0x10) r3 = gettid() r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r4, &(0x7f0000000140)=""/43, 0x2b) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x240080, 0x0) getsockopt$inet6_int(r5, 0x29, 0x24, &(0x7f00000000c0), &(0x7f0000000100)=0x4) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0xfffffffffffffffc, 0x3, &(0x7f0000000440)=[{&(0x7f0000000280)="7aa573500d3ef458e08dc95571116d5e3b7abc7158404c068c81fdc133d010caa0d66d399e6d6d7c8aeb316d4f899b69f814c6e0df10fe7f7e6717e8d7bf5902179a6058e6b3dc0f3d18fbbb80a427e0941a1e3d1b14c560ce5b3e952718997c1038b5c3956f1f9e5d1ae3972ca40bd67f33410c8dd99136ce13e94785c7f2980c1cf5c3515199465f94ef973c83335d4ab32b357eb3d8a22ce5470c517f67ccfb483baa63b5f03b51f268048c2db123cfbaee29405ec8829490c2", 0xbb, 0xb9a3}, {&(0x7f0000000340)="336d04f1d2eb59b6325c87ae225edddb0ab5284c17cb1acbf85f0fd8ec93ead6de28f6386897278641f0a16a9a34d52e1dff342c8c63385777a8a201584ae5f6e3fe64afe22c3b160b3295c069ed6417bbb4287f0c91281b0a2d2adf233830706530db1f5b8e67d477f7c3a3503c22a07616f09d1f435e311930e91c5de9144c7b99acc21fb1da5871e977bc93c9cb3850e5e1a6a53a2c9d268a55a6e278f9fb1ee0", 0xa2, 0x3}, {&(0x7f0000000400)="dcd3e1255dda6d149b6324e0d62fc19b3ce0050a35c94d99f2c8ead884d4", 0x1e, 0x1}], 0x8, &(0x7f00000004c0)={[{@fmask={'fmask', 0x3d, 0x15a0000000000}}, {@errors_remount='errors=remount-ro'}, {@fmask={'fmask', 0x3d, 0xff}}, {@errors_remount='errors=remount-ro'}]}) timer_create(0x7, &(0x7f0000000000)={0x0, 0x17, 0x0, @thr={&(0x7f0000000600)="71c2502498d422b067d92ea3e7e27e5b32ae26212f68756a9a82bd78df752b1b3f94cacb5d7b2edf93b65568676172b28515b37e65cca03fa22f8ae47600837185e3b2aecde47984214e4eb5a10bd10d4b441c9c3db4d73d8236113ff67ac5a6d7f12fc87c251acc06876b14eb8eea0da007c0903173aafc164b99fb620412173bb94501ab6198f45fd27d0abeb2401ac3ca47ea9f8795923060cb2b9351a7e5ea45c8cc175ae0d2af432e1ccb8c10b03d65444f85e58933fa6ee6fc983b2b0d608af8c11a71bf1b36ae359a1362ca010b0ac521500559d1bd87b2c64574455e75a68fcd113c72901522ad9549b7bfb6a240924b67", &(0x7f0000000700)="421e826a085c2862506b91f3081b22751ebf0a91bf0d21285826b38c768b3c273c948b5173a2d1a89b9176a9b5c02ac589e37d59914f59288de1c838cf4e4e193949e8b2f01583d18f602069a7b2e36b596d28e9f44eec175c5cc1dba5054d10aba78f3f560ca505e379621bd16a413b75d9adb9e1f7d30f8cced52e2c2b0846081d939eaaacf8d872b8c375b8b07f3c243256c72541274b47ac1e75dccbbc265c334a75cd62027d3d63415eda3ca7d8f06179fc14b0ae90f936c16179da7a91ac08b517948720d97c75b62a302c8ac35f979471523e1ea3065ba8d85c4d9dc18776cd116e"}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r4) tkill(r3, 0x22) 19:02:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x900000000000000}, 0x0) 19:02:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x3f00000000000000}, 0x0) 19:02:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000100)={0x3, r2}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="07d61d06dabb08bc0738c0166268055fcdd4302f1c6db53444b5128d54d36a50d26b0b0bee3c4b73378b6eea23d1ec6b7834b21455b794ac87c2dffcab400947d5bfc6be25f68e325ac27161f5a37f68a43d9c6d337cb0628814563347773e18b4a9623500000000000000000000"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/relabel\x00', 0x2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:02:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff2) 19:02:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @rand_addr}}, &(0x7f0000000080)=0x1c) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000100)={@mcast2, 0x0}, &(0x7f0000000200)=0x14) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'syzkaller0\x00', r4}) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000007d460bfeed2e8c8cab97676b65e8fc2d2bcc9dde9efa38fff7b0e880b2a2350085843b4000000000000000000000000000000000000"], 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:02:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x34d564b) 19:02:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x4}, 0x0) 19:02:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x200000000000000}, 0x0) 19:02:40 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) 19:02:41 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x0, 0x1000000}, 0x0) 19:02:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x40010000) 19:02:41 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1, 0x0, 0x2}, 0x0) 19:02:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="07f61d3e0a372bc38c22e03eeb5154917a4fc191ee36ada125b4e759cd5f1e8272fdf27a2606e82151865914b39632f908617c73463b5dfaac4eed56df7969498d4383c93a0daf389496d08587a72782047fdbde46d0d362f1cbeb0673c0e4a0d6d37d23dd0e531b35e2d96e747d842cbdeca13ad71130935d7edbd15bcb6fa50802865bee5d99a82741e6ed1d295dfc13c654a9abaf0a40f4bea34b7b0a3468882f2eba6a2481ee4a97cb40730c18a0c10a18d1b28d540079f7aa2b8295d68f2f11de923820d7a8b276c1bc32c7fa0a911c33d2a6d6c02730fed87fbe62228ddb1a92dcf132d8fa479f4c26c904674d7420165791735dbe5e2f"], 0x7) ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f00000018c0)={0x0, 0x0, 0x2080}) recvmsg(r0, &(0x7f00000000c0)={&(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}}, 0x80, &(0x7f00000016c0)=[{&(0x7f00000003c0)=""/137, 0x89}, {&(0x7f0000000480)=""/128, 0x80}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/241, 0xf1}, {&(0x7f0000001600)=""/137, 0x89}], 0x5, &(0x7f0000001740)=""/159, 0x9f, 0xcfe}, 0x40010162) setsockopt$RDS_GET_MR(r3, 0x114, 0x2, &(0x7f0000001880)={{&(0x7f0000001800)}, &(0x7f0000001840), 0x13}, 0x20) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0) getsockopt$inet_dccp_buf(r4, 0x21, 0x0, &(0x7f0000000040)=""/47, &(0x7f0000000080)=0x2f) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x2, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 19:02:41 executing program 3: r0 = gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000080)) read(r1, &(0x7f00000000c0)=""/43, 0xffffffffffffffdc) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = dup2(0xffffffffffffffff, r1) tkill(r0, 0x1000000000015) getsockname$unix(r2, &(0x7f0000000100)=@abs, &(0x7f0000000180)=0x6e) 19:02:41 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) read(r2, &(0x7f0000000140)=""/43, 0x2b) timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89b0, &(0x7f0000001340)="6c6f00966f640400000000ca00000007000000000000009800e73f3ace16e30944e425200f08243a40a347beb14d1284bc62479cddc821481cd8a22ed1e322bd3851e92c34c6bc04d8e2e20725e0780704096ab5af2bb101811ebfdd8d1bf2e184ab92fdd15b65950f7fc90cc3eae6d7ca9b03f583963b14f6f5da7886ef47163bbd82a319d69c594bde") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000300)={0x11, 0xf5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r2) tkill(r1, 0x1000000000015) [ 573.964024] kasan: CONFIG_KASAN_INLINE enabled [ 573.971058] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 573.978423] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 573.984657] CPU: 1 PID: 22158 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 573.991923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.001287] RIP: 0010:__schedule+0xfb7/0x1ed0 [ 574.005780] Code: 89 e0 48 c1 e8 03 42 80 3c 28 00 0f 85 b9 09 00 00 4d 8b 24 24 4d 85 e4 0f 84 0b f7 ff ff 49 8d 7c 24 10 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 a4 e8 ed ed 03 fa eb 9d 48 89 de 4c 89 ff e8 00 [ 574.024853] RSP: 0018:ffff88018dc17290 EFLAGS: 00010806 [ 574.030220] RAX: 1bd5a00000000022 RBX: ffff88018d05e4c0 RCX: 1ffff10031b71a5f [ 574.037488] RDX: 0000000040000002 RSI: 0000000000000000 RDI: dead000000000110 [ 574.044761] RBP: ffff88018dc17468 R08: ffff88018de90240 R09: fffff52001bf6a47 [ 574.052030] R10: fffff52001bf6a47 R11: ffffc9000dfb523b R12: dead000000000100 [ 574.059302] R13: dffffc0000000000 R14: ffff8801daf2cb40 R15: ffff88018de90240 [ 574.066577] FS: 00007fed0de2f700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 574.074799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 574.080674] CR2: 00000000004414b0 CR3: 00000001ce1e5000 CR4: 00000000001426e0 [ 574.087943] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 574.095209] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 574.102475] Call Trace: [ 574.105087] ? __sched_text_start+0x8/0x8 [ 574.109238] ? check_preemption_disabled+0x48/0x200 [ 574.114266] ? find_held_lock+0x36/0x1c0 [ 574.118335] ? try_to_wake_up+0x10a/0x12f0 [ 574.122576] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 574.127681] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 574.132783] ? lockdep_hardirqs_on+0x421/0x5c0 [ 574.137372] ? preempt_schedule+0x4d/0x60 [ 574.141521] preempt_schedule_common+0x1f/0xd0 [ 574.146109] preempt_schedule+0x4d/0x60 [ 574.150085] ___preempt_schedule+0x16/0x18 [ 574.154331] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 574.159260] try_to_wake_up+0x10a/0x12f0 [ 574.163321] ? is_bpf_text_address+0xd3/0x170 [ 574.167847] ? migrate_swap_stop+0x930/0x930 [ 574.172260] ? find_held_lock+0x36/0x1c0 [ 574.176331] ? futex_wake+0x613/0x760 [ 574.180133] ? lock_downgrade+0x900/0x900 [ 574.184299] ? kasan_check_read+0x11/0x20 [ 574.188449] ? do_raw_spin_unlock+0xa7/0x2f0 [ 574.192857] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 574.197440] ? __unqueue_futex+0x2e0/0x2e0 [ 574.201675] wake_up_q+0xa4/0x100 [ 574.205131] futex_wake+0x61f/0x760 [ 574.208768] ? get_futex_key+0x21b0/0x21b0 [ 574.213009] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 574.218547] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 574.223830] ? rcu_pm_notify+0xc0/0xc0 [ 574.227726] do_futex+0x2e4/0x26d0 [ 574.231270] ? kvm_vcpu_ioctl+0x2a1/0x1150 [ 574.235514] ? exit_robust_list+0x280/0x280 [ 574.239842] ? find_held_lock+0x36/0x1c0 [ 574.243909] ? __fget+0x4aa/0x740 [ 574.247363] ? lock_downgrade+0x900/0x900 [ 574.251516] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 574.257319] ? kasan_check_read+0x11/0x20 [ 574.261473] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 574.266753] ? rcu_bh_qs+0xc0/0xc0 [ 574.270304] ? __fget+0x4d1/0x740 [ 574.273761] ? ksys_dup3+0x680/0x680 [ 574.277480] ? find_held_lock+0x36/0x1c0 [ 574.281552] ? kvm_vcpu_block+0x1030/0x1030 [ 574.285890] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.291429] ? do_vfs_ioctl+0x201/0x1720 [ 574.295494] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 574.300689] ? ioctl_preallocate+0x300/0x300 [ 574.305110] ? selinux_file_mprotect+0x620/0x620 [ 574.309879] __x64_sys_futex+0x472/0x6a0 [ 574.313949] ? do_futex+0x26d0/0x26d0 [ 574.317748] ? trace_hardirqs_on+0xbd/0x310 [ 574.322074] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 574.327611] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.332975] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 574.338424] ? ksys_ioctl+0x81/0xd0 [ 574.342073] do_syscall_64+0x1b9/0x820 [ 574.345966] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 574.351335] ? syscall_return_slowpath+0x5e0/0x5e0 [ 574.356267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 574.361111] ? trace_hardirqs_on_caller+0x310/0x310 [ 574.366132] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 574.371151] ? prepare_exit_to_usermode+0x291/0x3b0 [ 574.376177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 574.381024] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.386224] RIP: 0033:0x457679 [ 574.389421] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 574.408326] RSP: 002b:00007fed0de2ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 574.416040] RAX: ffffffffffffffda RBX: 000000000072bf08 RCX: 0000000000457679 [ 574.423317] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 000000000072bf0c [ 574.430589] RBP: 000000000072bf00 R08: 44c7b3dd02bc0224 R09: 0000000000000000 [ 574.437856] R10: 44c7000000de0024 R11: 0000000000000246 R12: 000000000072bf0c [ 574.445123] R13: 00007ffe3d7b548f R14: 00007fed0de2f9c0 R15: 0000000000000000 [ 574.452604] Modules linked in: [ 574.455801] [ 574.455808] ====================================================== [ 574.455814] WARNING: possible circular locking dependency detected [ 574.455818] 4.19.0-rc4+ #27 Not tainted [ 574.455824] ------------------------------------------------------ [ 574.455829] syz-executor0/22158 is trying to acquire lock: [ 574.455833] 0000000061e6a001 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70 [ 574.455850] [ 574.455854] but task is already holding lock: [ 574.455858] 000000000557d98a (&rq->lock){-.-.}, at: __schedule+0x236/0x1ed0 [ 574.455874] [ 574.455879] which lock already depends on the new lock. [ 574.455882] [ 574.455885] [ 574.455890] the existing dependency chain (in reverse order) is: [ 574.455893] [ 574.455896] -> #2 (&rq->lock){-.-.}: [ 574.455912] _raw_spin_lock+0x2d/0x40 [ 574.455916] task_fork_fair+0xb0/0x6d0 [ 574.455920] sched_fork+0x443/0xba0 [ 574.455925] copy_process+0x2586/0x8780 [ 574.455929] _do_fork+0x1cb/0x11d0 [ 574.455933] kernel_thread+0x34/0x40 [ 574.455937] rest_init+0x22/0xe5 [ 574.455942] start_kernel+0x8f4/0x92f [ 574.455946] x86_64_start_reservations+0x29/0x2b [ 574.455951] x86_64_start_kernel+0x76/0x79 [ 574.455956] secondary_startup_64+0xa4/0xb0 [ 574.455958] [ 574.455961] -> #1 (&p->pi_lock){-.-.}: [ 574.455977] _raw_spin_lock_irqsave+0x99/0xd0 [ 574.455982] try_to_wake_up+0xd2/0x12f0 [ 574.455986] wake_up_process+0x10/0x20 [ 574.455990] __up.isra.1+0x1c0/0x2a0 [ 574.455994] up+0x13c/0x1c0 [ 574.455999] __up_console_sem+0xbe/0x1b0 [ 574.456003] console_unlock+0x814/0x1160 [ 574.456008] vprintk_emit+0x33d/0x930 [ 574.456012] vprintk_default+0x28/0x30 [ 574.456016] vprintk_func+0x7e/0x181 [ 574.456020] printk+0xa7/0xcf [ 574.456024] load_umh+0x51/0xbd [ 574.456028] do_one_initcall+0x145/0x957 [ 574.456033] kernel_init_freeable+0x4bb/0x5ae [ 574.456037] kernel_init+0x11/0x1b2 [ 574.456042] ret_from_fork+0x3a/0x50 [ 574.456044] [ 574.456056] -> #0 ((console_sem).lock){-.-.}: [ 574.456073] lock_acquire+0x1ed/0x520 [ 574.456078] _raw_spin_lock_irqsave+0x99/0xd0 [ 574.456082] down_trylock+0x13/0x70 [ 574.456087] __down_trylock_console_sem+0xae/0x200 [ 574.456091] console_trylock+0x15/0xa0 [ 574.456095] vprintk_emit+0x322/0x930 [ 574.456100] vprintk_default+0x28/0x30 [ 574.456104] vprintk_func+0x7e/0x181 [ 574.456108] printk+0xa7/0xcf [ 574.456113] kasan_die_handler.cold.22+0x11/0x30 [ 574.456117] notifier_call_chain+0x17e/0x380 [ 574.456122] atomic_notifier_call_chain+0x96/0x190 [ 574.456127] notify_die+0x1bd/0x2d0 [ 574.456131] do_general_protection+0x248/0x2f0 [ 574.456136] general_protection+0x1e/0x30 [ 574.456140] __schedule+0xfb7/0x1ed0 [ 574.456145] preempt_schedule_common+0x1f/0xd0 [ 574.456149] preempt_schedule+0x4d/0x60 [ 574.456154] ___preempt_schedule+0x16/0x18 [ 574.456159] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 574.456163] try_to_wake_up+0x10a/0x12f0 [ 574.456168] wake_up_q+0xa4/0x100 [ 574.456172] futex_wake+0x61f/0x760 [ 574.456176] do_futex+0x2e4/0x26d0 [ 574.456180] __x64_sys_futex+0x472/0x6a0 [ 574.456185] do_syscall_64+0x1b9/0x820 [ 574.456190] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.456193] [ 574.456198] other info that might help us debug this: [ 574.456200] [ 574.456204] Chain exists of: [ 574.456207] (console_sem).lock --> &p->pi_lock --> &rq->lock [ 574.456228] [ 574.456232] Possible unsafe locking scenario: [ 574.456235] [ 574.456239] CPU0 CPU1 [ 574.456244] ---- ---- [ 574.456247] lock(&rq->lock); [ 574.456257] lock(&p->pi_lock); [ 574.456268] lock(&rq->lock); [ 574.456277] lock((console_sem).lock); [ 574.456286] [ 574.456290] *** DEADLOCK *** [ 574.456292] [ 574.456297] 2 locks held by syz-executor0/22158: [ 574.456299] #0: 000000000557d98a (&rq->lock){-.-.}, at: __schedule+0x236/0x1ed0 [ 574.456319] #1: 000000006c232f98 (rcu_read_lock){....}, at: atomic_notifier_call_chain+0x0/0x190 [ 574.456339] [ 574.456343] stack backtrace: [ 574.456349] CPU: 1 PID: 22158 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #27 [ 574.456357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.456361] Call Trace: [ 574.456365] dump_stack+0x1c4/0x2b4 [ 574.456370] ? dump_stack_print_info.cold.2+0x52/0x52 [ 574.456374] ? vprintk_func+0x85/0x181 [ 574.456379] print_circular_bug.isra.33.cold.54+0x1bd/0x27d [ 574.456384] ? save_trace+0xe0/0x290 [ 574.456388] __lock_acquire+0x33e4/0x4ec0 [ 574.456393] ? mark_held_locks+0x130/0x130 [ 574.456397] ? mark_held_locks+0x130/0x130 [ 574.456402] ? mark_held_locks+0x130/0x130 [ 574.456407] ? check_preemption_disabled+0x48/0x200 [ 574.456412] ? debug_smp_processor_id+0x1c/0x20 [ 574.456417] ? perf_trace_lock_acquire+0x15b/0x800 [ 574.456422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.456426] ? perf_trace_lock+0x7a0/0x7a0 [ 574.456431] ? debug_smp_processor_id+0x1c/0x20 [ 574.456436] ? perf_trace_lock_acquire+0x15b/0x800 [ 574.456440] ? perf_trace_lock+0x7a0/0x7a0 [ 574.456445] ? attach_entity_load_avg+0x860/0x860 [ 574.456450] ? graph_lock+0x170/0x170 [ 574.456455] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 574.456459] lock_acquire+0x1ed/0x520 [ 574.456463] ? down_trylock+0x13/0x70 [ 574.456468] ? find_held_lock+0x36/0x1c0 [ 574.456472] ? lock_release+0x970/0x970 [ 574.456477] ? trace_hardirqs_off+0xb8/0x310 [ 574.456482] ? vprintk_emit+0x1d3/0x930 [ 574.456486] ? trace_hardirqs_on+0x310/0x310 [ 574.456491] ? trace_hardirqs_off+0xb8/0x310 [ 574.456495] ? log_store+0x344/0x4c0 [ 574.456499] ? vprintk_emit+0x322/0x930 [ 574.456504] _raw_spin_lock_irqsave+0x99/0xd0 [ 574.456508] ? down_trylock+0x13/0x70 [ 574.456512] down_trylock+0x13/0x70 [ 574.456517] __down_trylock_console_sem+0xae/0x200 [ 574.456522] console_trylock+0x15/0xa0 [ 574.456526] vprintk_emit+0x322/0x930 [ 574.456530] ? wake_up_klogd+0x180/0x180 [ 574.456536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.456541] ? check_preemption_disabled+0x48/0x200 [ 574.456545] ? debug_smp_processor_id+0x1c/0x20 [ 574.456550] ? perf_trace_lock_acquire+0x15b/0x800 [ 574.456555] ? perf_trace_lock+0x7a0/0x7a0 [ 574.456566] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.456571] ? check_preemption_disabled+0x48/0x200 [ 574.456575] vprintk_default+0x28/0x30 [ 574.456579] vprintk_func+0x7e/0x181 [ 574.456583] printk+0xa7/0xcf [ 574.456588] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 574.456593] ? kasan_die_handler.cold.22+0x5/0x30 [ 574.456597] ? kasan_die_handler+0x1a/0x31 [ 574.456602] kasan_die_handler.cold.22+0x11/0x30 [ 574.456607] notifier_call_chain+0x17e/0x380 [ 574.456612] ? unregister_die_notifier+0x20/0x20 [ 574.456616] ? kasan_check_read+0x11/0x20 [ 574.456622] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 574.456626] ? rcu_bh_qs+0xc0/0xc0 [ 574.456630] ? rcu_bh_qs+0xc0/0xc0 [ 574.456635] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 574.456640] atomic_notifier_call_chain+0x96/0x190 [ 574.456644] notify_die+0x1bd/0x2d0 [ 574.456649] ? __atomic_notifier_call_chain+0x1a0/0x1a0 [ 574.456654] ? search_module_extables+0x98/0xe0 [ 574.456658] ? __schedule+0xfb7/0x1ed0 [ 574.456663] ? __schedule+0xfb7/0x1ed0 [ 574.456668] ? search_exception_tables+0x47/0x50 [ 574.456672] do_general_protection+0x248/0x2f0 [ 574.456677] general_protection+0x1e/0x30 [ 574.456681] RIP: 0010:__schedule+0xfb7/0x1ed0 [ 574.456695] Code: 89 e0 48 c1 e8 03 42 80 3c 28 00 0f 85 b9 09 00 00 4d 8b 24 24 4d 85 e4 0f 84 0b f7 ff ff 49 8d 7c 24 10 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 a4 e8 ed ed 03 fa eb 9d 48 89 de 4c 89 ff e8 00 [ 574.456700] RSP: 0018:ffff88018dc17290 EFLAGS: 00010806 [ 574.456709] RAX: 1bd5a00000000022 RBX: ffff88018d05e4c0 RCX: 1ffff10031b71a5f [ 574.456716] RDX: 0000000040000002 RSI: 0000000000000000 RDI: dead000000000110 [ 574.456722] RBP: ffff88018dc17468 R08: ffff88018de90240 R09: fffff52001bf6a47 [ 574.456728] R10: fffff52001bf6a47 R11: ffffc9000dfb523b R12: dead000000000100 [ 574.456735] R13: dffffc0000000000 R14: ffff8801daf2cb40 R15: ffff88018de90240 [ 574.456739] ? __sched_text_start+0x8/0x8 [ 574.456744] ? check_preemption_disabled+0x48/0x200 [ 574.456749] ? find_held_lock+0x36/0x1c0 [ 574.456753] ? try_to_wake_up+0x10a/0x12f0 [ 574.456758] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 574.456763] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 574.456768] ? lockdep_hardirqs_on+0x421/0x5c0 [ 574.456773] ? preempt_schedule+0x4d/0x60 [ 574.456777] preempt_schedule_common+0x1f/0xd0 [ 574.456782] preempt_schedule+0x4d/0x60 [ 574.456786] ___preempt_schedule+0x16/0x18 [ 574.456791] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 574.456796] try_to_wake_up+0x10a/0x12f0 [ 574.456800] ? is_bpf_text_address+0xd3/0x170 [ 574.456805] ? migrate_swap_stop+0x930/0x930 [ 574.456809] ? find_held_lock+0x36/0x1c0 [ 574.456814] ? futex_wake+0x613/0x760 [ 574.456818] ? lock_downgrade+0x900/0x900 [ 574.456823] ? kasan_check_read+0x11/0x20 [ 574.456827] ? do_raw_spin_unlock+0xa7/0x2f0 [ 574.456832] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 574.456837] ? __unqueue_futex+0x2e0/0x2e0 [ 574.456841] wake_up_q+0xa4/0x100 [ 574.456845] futex_wake+0x61f/0x760 [ 574.456849] ? get_futex_key+0x21b0/0x21b0 [ 574.456855] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 574.456860] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 574.456864] ? rcu_pm_notify+0xc0/0xc0 [ 574.456868] do_futex+0x2e4/0x26d0 [ 574.456873] ? kvm_vcpu_ioctl+0x2a1/0x1150 [ 574.456877] ? exit_robust_list+0x280/0x280 [ 574.456882] ? find_held_lock+0x36/0x1c0 [ 574.456886] ? __fget+0x4aa/0x740 [ 574.456890] ? lock_downgrade+0x900/0x900 [ 574.456896] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 574.456900] ? kasan_check_read+0x11/0x20 [ 574.456905] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 574.456909] ? rcu_bh_qs+0xc0/0xc0 [ 574.456913] ? __fget+0x4d1/0x740 [ 574.456918] ? ksys_dup3+0x680/0x680 [ 574.456922] ? find_held_lock+0x36/0x1c0 [ 574.456927] ? kvm_vcpu_block+0x1030/0x1030 [ 574.456932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.456936] ? do_vfs_ioctl+0x201/0x1720 [ 574.456941] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 574.456946] ? ioctl_preallocate+0x300/0x300 [ 574.456951] ? selinux_file_mprotect+0x620/0x620 [ 574.456955] __x64_sys_futex+0x472/0x6a0 [ 574.456959] ? do_futex+0x26d0/0x26d0 [ 574.456964] ? trace_hardirqs_on+0xbd/0x310 [ 574.456969] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 574.456975] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.456980] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 574.456984] ? ksys_ioctl+0x81/0xd [ 574.456992] Lost 18 message(s)! [ 575.486663] ---[ end trace 7e04ad2a8f0b83bf ]--- [ 575.491432] RIP: 0010:__schedule+0xfb7/0x1ed0 [ 575.495933] Code: 89 e0 48 c1 e8 03 42 80 3c 28 00 0f 85 b9 09 00 00 4d 8b 24 24 4d 85 e4 0f 84 0b f7 ff ff 49 8d 7c 24 10 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 a4 e8 ed ed 03 fa eb 9d 48 89 de 4c 89 ff e8 00 [ 575.514847] RSP: 0018:ffff88018dc17290 EFLAGS: 00010806 [ 575.520240] RAX: 1bd5a00000000022 RBX: ffff88018d05e4c0 RCX: 1ffff10031b71a5f [ 575.527517] RDX: 0000000040000002 RSI: 0000000000000000 RDI: dead000000000110 [ 575.534792] RBP: ffff88018dc17468 R08: ffff88018de90240 R09: fffff52001bf6a47 [ 575.542073] R10: fffff52001bf6a47 R11: ffffc9000dfb523b R12: dead000000000100 [ 575.549347] R13: dffffc0000000000 R14: ffff8801daf2cb40 R15: ffff88018de90240 [ 575.556623] FS: 00007fed0de2f700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 575.564857] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 575.570739] CR2: 00000000004414b0 CR3: 00000001ce1e5000 CR4: 00000000001426e0 [ 575.578016] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 575.585512] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 575.592787] Kernel panic - not syncing: Fatal exception [ 576.755874] Shutting down cpus with NMI [ 576.760860] Kernel Offset: disabled [ 576.764497] Rebooting in 86400 seconds..