77.114406] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 277.139889] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 277.148811] binder: 10035:10042 transaction failed 29201/-71, size 0-0 line 2762 [ 277.156461] Interruptibility = 00000000 ActivityState = 00000000 [ 277.164071] binder: 10035:10047 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 277.169840] *** Host State *** [ 277.172609] binder: undelivered TRANSACTION_ERROR: 29201 [ 277.179818] RIP = 0xffffffff811c8cac RSP = 0xffff8880571cf8c0 [ 277.194911] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 277.209310] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 277.232791] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 277.254035] CR0=0000000080050033 CR3=0000000086d45000 CR4=00000000001426f0 [ 277.273794] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 277.286138] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 277.295047] *** Control State *** [ 277.299923] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 277.308110] EntryControls=0000d1ff ExitControls=002fefff [ 277.315130] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 277.323719] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 277.333531] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 277.342685] reason=80000021 qualification=0000000000000000 [ 277.352041] IDTVectoring: info=00000000 errcode=00000000 [ 277.358422] TSC Offset = 0xffffff693c486e66 [ 277.363494] EPT pointer = 0x00000000a981b01e 14:44:17 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) dup3(r0, r1, 0x0) dup2(r1, r2) 14:44:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/psched\x00') dup3(r0, r1, 0x0) 14:44:17 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:18 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000009340)=[{{0xffffffffffffffff, 0x0, &(0x7f0000003280)=[{&(0x7f0000002180)=""/113, 0x71}, {&(0x7f0000002200)=""/66, 0x42}, {&(0x7f0000002280)=""/4096, 0x1000}, {&(0x7f0000001e40)=""/64, 0x40}], 0x4, 0x0, 0x0, 0x9}}, {{&(0x7f00000034c0)=@sco, 0x80, &(0x7f0000003700)=[{&(0x7f0000003540)=""/187, 0xbb}, {&(0x7f0000003600)=""/253, 0xfd}], 0x2}, 0x5}, {{0x0, 0x0, &(0x7f0000006ec0)=[{0x0}, {&(0x7f0000006e40)=""/103, 0x67}], 0x2, 0x0, 0x0, 0x1000}}], 0x3, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x80, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x1, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1, 0x0, 0x0) 14:44:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 279.627650] *** Guest State *** 14:44:18 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x400000000002a, &(0x7f0000000000)={0x2, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @initdev}}}, 0x104) [ 279.681290] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 279.718487] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 279.746482] CR3 = 0x0000000000000000 [ 279.757087] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 14:44:18 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000040)="410f01f964ff0941c3c4e2c99758423e46d87312c4e11b7c5f5c66420fe2e33e0f1110c442019dcc6f") setsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000000)="a488b1139f6a9fcf8b026b8b17404ffd", 0x10) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x9) 14:44:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 279.808572] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 279.826090] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 279.835363] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) r2 = getpid() sched_setattr(r2, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) fallocate(r1, 0x0, 0x0, 0x2000002) fallocate(r0, 0x0, 0x0, 0x10ffff) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1}) unlink(&(0x7f00000001c0)='./file0\x00') mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mknod$loop(&(0x7f00000005c0)='./file0\x00', 0x0, 0xffffffffffffffff) [ 279.869103] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 279.896427] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 279.918024] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 279.954935] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 279.965746] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 279.980272] GDTR: limit=0x00000000, base=0x0000000000000000 [ 280.000863] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 280.009635] IDTR: limit=0x00000000, base=0x0000000000000000 [ 280.044095] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 280.052851] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 280.059485] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 280.068867] Interruptibility = 00000000 ActivityState = 00000000 [ 280.076756] *** Host State *** [ 280.081947] RIP = 0xffffffff811c8cac RSP = 0xffff88805dfb78c0 [ 280.089042] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 280.096291] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 280.106389] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 280.113534] CR0=0000000080050033 CR3=00000000a94d7000 CR4=00000000001426f0 [ 280.130050] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 280.137317] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 280.156732] *** Control State *** [ 280.161331] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 280.174562] EntryControls=0000d1ff ExitControls=002fefff [ 280.181051] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 280.189567] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 280.198355] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 280.206010] reason=80000021 qualification=0000000000000000 [ 280.214288] IDTVectoring: info=00000000 errcode=00000000 [ 280.221713] TSC Offset = 0xffffff679e3bfb4e [ 280.226923] EPT pointer = 0x000000009f60201e 14:44:20 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:20 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:20 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x20000740}) 14:44:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:20 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000002640)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001400)="b7d9288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) 14:44:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 282.637638] *** Guest State *** [ 282.648699] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 282.671229] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:21 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) getsockopt$sock_linger(0xffffffffffffff9c, 0x1, 0xd, 0x0, 0x0) [ 282.704574] CR3 = 0x0000000000000000 [ 282.721873] RSP = 0x0000000000000f80 RIP = 0x0000000000002000 [ 282.740005] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 282.747951] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:21 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x20000740}) [ 282.772169] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 282.794582] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 282.828543] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 282.869794] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 282.911908] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 282.934175] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 282.952731] GDTR: limit=0x00000000, base=0x0000000000000000 14:44:21 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x20000740}) 14:44:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 282.963018] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 282.979863] IDTR: limit=0x00000000, base=0x0000000000000000 [ 283.004142] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 283.045600] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 283.077421] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 283.101974] Interruptibility = 00000000 ActivityState = 00000000 [ 283.116602] *** Host State *** [ 283.125835] RIP = 0xffffffff811c8cac RSP = 0xffff88805bb878c0 [ 283.133828] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 283.141449] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 283.149591] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 283.156073] CR0=0000000080050033 CR3=00000000a8b6e000 CR4=00000000001426e0 [ 283.164500] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 283.171530] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 283.184651] *** Control State *** [ 283.193054] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 283.208125] EntryControls=0000d1ff ExitControls=002fefff [ 283.224592] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 283.235934] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 283.243879] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 283.250959] reason=80000021 qualification=0000000000000000 [ 283.257666] IDTVectoring: info=00000000 errcode=00000000 [ 283.263922] TSC Offset = 0xffffff65ffb8358d [ 283.268617] EPT pointer = 0x000000009fabc01e 14:44:24 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(r0, 0x16) 14:44:24 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6, 0x1100082) openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x60000, 0x0) r1 = memfd_create(&(0x7f0000000080)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000001140)='\'', 0x1}], 0x1, 0x1081804) sendfile(r0, r0, 0x0, 0x200000d) ioctl$LOOP_CLR_FD(r0, 0x4c01) 14:44:24 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x20000740}) 14:44:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:24 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/tcp\x00') preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/171, 0xab}], 0x1, 0x0) [ 285.698331] *** Guest State *** [ 285.708897] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:24 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00\xcdq[\xa1\x1d\xf3Z\xb8\xbf\xa2\x96%P\x8eId\xda\x84S\xfc1Hz!oD\x8f0r\xc0\xd5\x90(\x10U\x93I\xc6(\\\xbe+\x02\xf2C', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB='/'], 0x1) [ 285.787777] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 285.820149] CR3 = 0x0000000000000000 [ 285.829113] RSP = 0x0000000000000f80 RIP = 0x0000000000002000 14:44:24 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000002640)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(cast6)\x00'}, 0x58) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1800008912, &(0x7f0000000000)="0adc1f123c123f319bd070") bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(aegis128-aesni)\x00'}, 0x58) 14:44:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 285.855536] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 285.873823] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:24 executing program 3: syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f0000000000)='\x00', 0x1, 0xfffffffffffffffd) add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r0, r0}, &(0x7f00000000c0)=""/83, 0x53, 0x0) [ 285.900931] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 285.969940] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 285.988250] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 286.015062] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.034704] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.053225] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.070370] GDTR: limit=0x00000000, base=0x0000000000000000 [ 286.081446] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.116427] IDTR: limit=0x00000000, base=0x0000000000000000 [ 286.128600] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.153699] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 286.170461] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 286.178141] Interruptibility = 00000000 ActivityState = 00000000 [ 286.184760] *** Host State *** [ 286.188160] RIP = 0xffffffff811c8cac RSP = 0xffff88805f5cf8c0 [ 286.195228] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 286.201931] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 286.201943] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 286.201957] CR0=0000000080050033 CR3=00000000a0163000 CR4=00000000001426f0 [ 286.223710] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 286.230969] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 286.237353] *** Control State *** [ 286.241173] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 286.248066] EntryControls=0000d1ff ExitControls=002fefff [ 286.254021] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 286.261387] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 286.268269] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 286.275291] reason=80000021 qualification=0000000000000000 [ 286.281781] IDTVectoring: info=00000000 errcode=00000000 [ 286.288004] TSC Offset = 0xffffff645ad715d2 [ 286.292492] EPT pointer = 0x000000008b60901e 14:44:24 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(r0, 0x16) 14:44:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:24 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x4001) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x8200) r2 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x8000fffffffe) 14:44:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:24 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000900)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f0000000080)=0x2000ffc, 0x40000000000081) 14:44:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") seccomp(0x1, 0x0, &(0x7f0000001980)={0x2, &(0x7f0000000580)=[{0x48000035, 0x0, 0x0, 0xffffffffffffffff}, {0x6, 0x0, 0x0, 0xfffffffffffffffd}]}) fcntl$getown(r0, 0x9) [ 286.495098] audit: type=1804 audit(1555339464.927:132): pid=10216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir106460012/syzkaller.UuHVMS/108/bus" dev="sda1" ino=17005 res=1 [ 286.626990] *** Guest State *** [ 286.649110] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 286.674294] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 286.686173] CR3 = 0x0000000000000000 [ 286.695203] RSP = 0x0000000000000f80 RIP = 0x0000000000002000 [ 286.704059] RFLAGS=0x00010046 DR7 = 0x0000000000000400 14:44:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x39, &(0x7f00000000c0)) waitid(0x0, 0x0, 0x0, 0xa0000008, 0x0) [ 286.727015] audit: type=1804 audit(1555339465.067:133): pid=10230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir106460012/syzkaller.UuHVMS/108/bus" dev="sda1" ino=17005 res=1 [ 286.730651] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 286.831059] audit: type=1326 audit(1555339465.127:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10240 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ba8a code=0xffff0000 [ 286.838939] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.872663] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:25 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) r1 = dup(r0) sendto$inet(r0, &(0x7f00000001c0)="1b2f73ad4127595ed5be588b47420fa3c7e37878a0d0edc02c2ddce08c94fddd7ed3f950b971bc2b751c16d885976da648c2c3294c211b7b038db1a5241a5bb38af206c163c270c06cef43cddd846f1bcd822043e190dd1f40e64d998a1e1a6d17297f5b7907f446019b0bb495f8ef97d636318db1eb25a44fdb7d8d14fc6b6f6650e11e2a12be4fab45e5c933da483b6cdf814b92003f5bf7344e80c23e37770853b24b8cb86c923292938961d92811a54b51c2ccf5d6f21f59e84a2d5c939df3c968d293689075d4e2588fb1329e17fe0df22a7cc1cc2b433ac9b422b10d60be3a82863e", 0xe5, 0x40000, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000040)='memory.current\x00', 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, 0x0) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) [ 286.886964] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 286.941918] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.976615] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 286.995365] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 287.012979] GDTR: limit=0x00000000, base=0x0000000000000000 [ 287.036062] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 287.060025] IDTR: limit=0x00000000, base=0x0000000000000000 [ 287.068623] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 287.078051] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 287.085209] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 287.101378] Interruptibility = 00000000 ActivityState = 00000000 [ 287.107800] *** Host State *** [ 287.115316] RIP = 0xffffffff811c8cac RSP = 0xffff88804aed78c0 [ 287.123969] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 287.134999] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 287.147484] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 287.158012] CR0=0000000080050033 CR3=00000000a1dfc000 CR4=00000000001426e0 [ 287.167594] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 287.178664] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 287.187697] *** Control State *** [ 287.195440] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 287.204551] EntryControls=0000d1ff ExitControls=002fefff [ 287.214560] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 287.224178] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 287.232985] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 287.240908] reason=80000021 qualification=0000000000000000 [ 287.247713] IDTVectoring: info=00000000 errcode=00000000 [ 287.254699] TSC Offset = 0xffffff63dd1f0f5a [ 287.262442] EPT pointer = 0x00000000a019101e 14:44:25 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(r0, 0x16) 14:44:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 287.474998] audit: type=1326 audit(1555339465.907:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10240 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ba8a code=0xffff0000 14:44:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:26 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0c0583b, &(0x7f0000000040)={0x180000000000000, 0x0, 0x20000740}) 14:44:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:26 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0c0583b, &(0x7f0000000040)={0x180000000000000, 0x0, 0x20000740}) 14:44:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x2, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:26 executing program 3: ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x6}]}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000140)="40c74adc7724e27d876f441d952bf111375896d876c4ed0f2e703cd5f8b64ff3cd946b507daea1c09fc1fe6c"}, 0x20) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x4009}) r1 = socket$kcm(0x29, 0x5, 0x0) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000c00)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r0, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd', 0x7}]}, 0xfdef) [ 287.959534] device nr0 entered promiscuous mode 14:44:26 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:26 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x3, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x7, 0x1}) [ 288.233412] device nr0 entered promiscuous mode 14:44:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r1, &(0x7f0000000040), 0xe) listen(r1, 0x0) ppoll(&(0x7f00000001c0)=[{r1}], 0x1, 0x0, &(0x7f0000000240)={0x2}, 0x8) 14:44:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x4, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:27 executing program 3: getpid() r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x0) sched_setaffinity(0x0, 0x181, &(0x7f0000000180)=0x9) r1 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, 0x0) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) munlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/igmp6\x00') preadv(r2, &(0x7f0000000480), 0x100000000000022c, 0x6c00000000000000) fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f0000000080)={0x0, 0xfb, 0x21, 0x1, 0x57, "45591ad953605f2c95cfe1ee7250ec52", "9f9640b0b826b20d87e15fa0"}, 0x21, 0x3) 14:44:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x5, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:27 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x6, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) dup2(r0, r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:27 executing program 3: [ 289.219570] *** Guest State *** [ 289.228461] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 289.239308] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:27 executing program 0: 14:44:27 executing program 3: 14:44:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) dup2(r0, r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x7, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 289.281174] CR3 = 0x0000000000000000 [ 289.290721] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 289.305471] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:44:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) dup2(r0, r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:27 executing program 3: read$FUSE(0xffffffffffffffff, 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$UI_GET_VERSION(0xffffffffffffffff, 0x8004552d, 0x0) r1 = perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f0000000240)={0x2, 0x0, @loopback}, 0x10) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f0000003640)=[{{&(0x7f00000020c0)=@in={0x2, 0x4e20, @remote}, 0x80, &(0x7f0000002200), 0x0, &(0x7f0000002240)}}], 0x1, 0x0) sendmmsg(r2, &(0x7f0000007fc0), 0x4000000000001a8, 0x200096dc) perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x6, 0x8001, 0x5280, 0x8, 0x0, 0xfffffffffffeffff, 0x40000, 0x4, 0x802000000000, 0x2, 0x1ae358c5, 0x7f, 0x1ff, 0x0, 0x8, 0xffffffffffffe21a, 0xffffffff, 0x4, 0x7, 0x5, 0x3, 0x2, 0x3, 0x0, 0x9, 0x8001, 0x400, 0x0, 0x8, 0x9cb, 0x9, 0x7, 0x4, 0xb, 0x0, 0x10000000000, 0x0, 0x3, 0x0, @perf_config_ext={0x80, 0x40}, 0x0, 0x0, 0x9, 0xd, 0x2, 0x5, 0x400}, 0x0, 0x0, r1, 0x9) inotify_init1(0x80800) [ 289.346181] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 14:44:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x8, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 289.407641] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.452231] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.477661] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 289.494215] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.506535] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.519335] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.535023] GDTR: limit=0x00000000, base=0x0000000000000000 [ 289.558993] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.594947] IDTR: limit=0x00000000, base=0x0000000000000000 [ 289.615734] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 289.624415] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 289.631653] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 289.639561] Interruptibility = 00000000 ActivityState = 00000000 [ 289.647377] *** Host State *** [ 289.652280] RIP = 0xffffffff811c8cac RSP = 0xffff8880569678c0 [ 289.659175] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 289.666929] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 289.675708] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 289.683424] CR0=0000000080050033 CR3=000000008bb0e000 CR4=00000000001426f0 [ 289.691968] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 289.698942] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 289.711043] *** Control State *** [ 289.714931] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 289.724673] EntryControls=0000d1ff ExitControls=002fefff [ 289.736138] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 289.744970] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 289.760789] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 289.768511] reason=80000021 qualification=0000000000000000 [ 289.775150] IDTVectoring: info=00000000 errcode=00000000 [ 289.802302] TSC Offset = 0xffffff6276478af4 [ 289.807283] EPT pointer = 0x0000000081a7401e 14:44:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x9, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r1, &(0x7f0000000040), 0xe) listen(r1, 0x0) dup3(r0, r1, 0x0) 14:44:28 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:28 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:28 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="03177f454c4606050700070000f9a8cf32028ad27e000d0000007b0300000000000040000000000000003f00380001000900ff4b010002000000000000000000000000000005b48184958e90e0"], 0x4d) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 14:44:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:28 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0xa, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:28 executing program 0: [ 290.086188] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 290.119327] *** Guest State *** 14:44:28 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 290.137287] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 290.197503] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:28 executing program 0: 14:44:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0xb, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:28 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 290.240781] CR3 = 0x0000000000000000 [ 290.248263] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 290.265952] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 290.280606] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 14:44:28 executing program 3: [ 290.303935] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 290.336586] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:28 executing program 0: [ 290.404040] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 290.446035] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 290.472167] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 290.481860] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 290.496756] GDTR: limit=0x00000000, base=0x0000000000000000 [ 290.515711] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 290.524864] IDTR: limit=0x00000000, base=0x0000000000000000 [ 290.543479] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 290.558404] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 290.565404] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 290.575569] Interruptibility = 00000000 ActivityState = 00000000 [ 290.583088] *** Host State *** [ 290.586920] RIP = 0xffffffff811c8cac RSP = 0xffff8880485878c0 [ 290.593063] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 290.599623] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 290.609256] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 290.615442] CR0=0000000080050033 CR3=0000000099520000 CR4=00000000001426f0 [ 290.622570] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 290.630048] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 290.636825] *** Control State *** [ 290.640437] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 290.647115] EntryControls=0000d1ff ExitControls=002fefff [ 290.652683] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 290.659622] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 290.666507] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 290.673171] reason=80000021 qualification=0000000000000000 [ 290.679520] IDTVectoring: info=00000000 errcode=00000000 [ 290.685077] TSC Offset = 0xffffff61ff7bccd1 [ 290.689408] EPT pointer = 0x000000006369301e 14:44:29 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0xc, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:29 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:29 executing program 3: 14:44:29 executing program 0: 14:44:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:29 executing program 0: 14:44:29 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:29 executing program 3: 14:44:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0xd, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:29 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 291.185737] *** Guest State *** [ 291.200663] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 291.226478] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 291.236094] CR3 = 0x0000000000000000 [ 291.240692] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 291.246864] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 291.253697] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 291.261041] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.269202] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.277834] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 291.286309] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.294753] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.302812] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.310898] GDTR: limit=0x00000000, base=0x0000000000000000 [ 291.320360] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.328953] IDTR: limit=0x00000000, base=0x0000000000000000 [ 291.337857] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 291.347512] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 291.354325] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 291.362156] Interruptibility = 00000000 ActivityState = 00000000 [ 291.368407] *** Host State *** [ 291.371709] RIP = 0xffffffff811c8cac RSP = 0xffff8880546078c0 [ 291.377965] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 291.384492] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 291.392395] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 291.398575] CR0=0000000080050033 CR3=000000008b136000 CR4=00000000001426e0 [ 291.406694] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 291.413832] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 291.420095] *** Control State *** [ 291.423724] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 291.430488] EntryControls=0000d1ff ExitControls=002fefff [ 291.436182] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 291.443218] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 291.450083] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 291.456672] reason=80000021 qualification=0000000000000000 [ 291.464708] IDTVectoring: info=00000000 errcode=00000000 [ 291.470261] TSC Offset = 0xffffff6169d5d8d7 [ 291.474594] EPT pointer = 0x000000009f8c301e 14:44:30 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:30 executing program 3: 14:44:30 executing program 0: 14:44:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x10, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:30 executing program 0: 14:44:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:30 executing program 3: [ 291.857546] *** Guest State *** 14:44:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x300, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 291.879878] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 291.909968] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:30 executing program 3: 14:44:30 executing program 0: [ 291.949336] CR3 = 0x0000000000000000 [ 291.969100] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 291.997953] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 292.028271] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 292.054808] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.078474] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.088953] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 292.098602] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.107543] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.117583] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.127227] GDTR: limit=0x00000000, base=0x0000000000000000 [ 292.135822] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.144269] IDTR: limit=0x00000000, base=0x0000000000000000 [ 292.152557] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.161355] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 292.168155] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 292.175801] Interruptibility = 00000000 ActivityState = 00000000 [ 292.182826] *** Host State *** [ 292.191887] RIP = 0xffffffff811c8cac RSP = 0xffff888055f5f8c0 [ 292.197903] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 292.204594] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 292.212507] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 292.218518] CR0=0000000080050033 CR3=00000000a93c0000 CR4=00000000001426f0 [ 292.225679] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 292.232406] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 292.238679] *** Control State *** [ 292.242378] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 292.249321] EntryControls=0000d1ff ExitControls=002fefff [ 292.256588] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 292.265300] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 292.272482] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 292.279339] reason=80000021 qualification=0000000000000000 [ 292.286528] IDTVectoring: info=00000000 errcode=00000000 [ 292.292437] TSC Offset = 0xffffff610fe15de6 [ 292.296878] EPT pointer = 0x000000008950701e 14:44:31 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:31 executing program 2: setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42803) 14:44:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0xffffff1f, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:31 executing program 3: 14:44:31 executing program 0: 14:44:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:31 executing program 2: setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42803) 14:44:31 executing program 3: 14:44:31 executing program 0: [ 292.715961] *** Guest State *** 14:44:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 292.744826] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:31 executing program 3: 14:44:31 executing program 0: [ 292.791741] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 292.839077] CR3 = 0x0000000000000000 [ 292.856434] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 292.869956] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 292.876357] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 292.912717] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.936251] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.953835] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 292.974507] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 292.995122] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 293.004090] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 293.012435] GDTR: limit=0x00000000, base=0x0000000000000000 [ 293.021878] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 293.030680] IDTR: limit=0x00000000, base=0x0000000000000000 [ 293.039158] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 293.048721] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 293.055715] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 293.063314] Interruptibility = 00000000 ActivityState = 00000000 [ 293.069778] *** Host State *** [ 293.073249] RIP = 0xffffffff811c8cac RSP = 0xffff88805bcbf8c0 [ 293.080083] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 293.087197] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 293.095688] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 293.102686] CR0=0000000080050033 CR3=0000000086879000 CR4=00000000001426f0 [ 293.111221] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 293.120409] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 293.126708] *** Control State *** [ 293.130300] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 293.137156] EntryControls=0000d1ff ExitControls=002fefff [ 293.142726] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 293.149740] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 293.156526] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 293.163302] reason=80000021 qualification=0000000000000000 [ 293.169834] IDTVectoring: info=00000000 errcode=00000000 [ 293.175428] TSC Offset = 0xffffff609a12f9eb [ 293.179849] EPT pointer = 0x00000000898aa01e 14:44:31 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:31 executing program 2: setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42803) 14:44:31 executing program 3: 14:44:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:31 executing program 0: 14:44:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:31 executing program 3: 14:44:31 executing program 0: 14:44:31 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:32 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:32 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:32 executing program 3: 14:44:32 executing program 0: 14:44:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:32 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:32 executing program 3: 14:44:32 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:32 executing program 0: 14:44:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:33 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:33 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:33 executing program 0: 14:44:33 executing program 3: 14:44:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:33 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:33 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:33 executing program 3: 14:44:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:33 executing program 0: 14:44:33 executing program 3: 14:44:33 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:34 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:34 executing program 0: 14:44:34 executing program 3: 14:44:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:34 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:34 executing program 0: 14:44:34 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040), 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:34 executing program 3: 14:44:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:34 executing program 0: 14:44:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 296.451384] *** Guest State *** [ 296.464841] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 296.483859] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 296.494404] CR3 = 0x0000000000000000 [ 296.502960] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 296.511026] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 296.517208] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 296.524054] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.532352] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.543938] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 296.552042] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.560145] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.568140] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.576340] GDTR: limit=0x00000000, base=0x0000000000000000 [ 296.585427] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.593583] IDTR: limit=0x00000000, base=0x0000000000000000 [ 296.601622] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 296.610854] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 296.617406] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 296.624959] Interruptibility = 00000000 ActivityState = 00000000 [ 296.631570] *** Host State *** [ 296.634776] RIP = 0xffffffff811c8cac RSP = 0xffff88805e01f8c0 [ 296.640860] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 296.647476] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 296.655364] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 296.661427] CR0=0000000080050033 CR3=00000000905c4000 CR4=00000000001426e0 [ 296.668490] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 296.677151] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 296.683265] *** Control State *** [ 296.687031] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 296.694042] EntryControls=0000d1ff ExitControls=002fefff [ 296.700053] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 296.707026] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 296.713797] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 296.720483] reason=80000021 qualification=0000000000000000 [ 296.726850] IDTVectoring: info=00000000 errcode=00000000 [ 296.732825] TSC Offset = 0xffffff5e97f09ba8 [ 296.737356] EPT pointer = 0x000000008dc1601e 14:44:35 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:35 executing program 3: 14:44:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:35 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040), 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:35 executing program 0: 14:44:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:35 executing program 0: 14:44:35 executing program 3: 14:44:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:35 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040), 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 297.047785] *** Guest State *** [ 297.067252] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:35 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 297.146958] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 297.182044] CR3 = 0x0000000000000000 14:44:35 executing program 0: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x67, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$inet6_int(r2, 0x29, 0x11, &(0x7f0000000100)=0x5, 0x4) [ 297.199217] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 297.210038] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 297.246213] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 297.283381] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.303769] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.313011] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 297.322335] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.330822] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.338942] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.348115] GDTR: limit=0x00000000, base=0x0000000000000000 [ 297.357018] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.365831] IDTR: limit=0x00000000, base=0x0000000000000000 [ 297.375691] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 297.384952] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 297.392792] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 297.400679] Interruptibility = 00000000 ActivityState = 00000000 [ 297.407722] *** Host State *** [ 297.411132] RIP = 0xffffffff811c8cac RSP = 0xffff8880493a78c0 [ 297.417821] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 297.424426] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 297.432701] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 297.438610] CR0=0000000080050033 CR3=0000000094872000 CR4=00000000001426f0 [ 297.445827] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 297.453210] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 297.459973] *** Control State *** [ 297.463442] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 297.472170] EntryControls=0000d1ff ExitControls=002fefff [ 297.477733] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 297.484951] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 297.492802] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 297.499399] reason=80000021 qualification=0000000000000000 [ 297.505889] IDTVectoring: info=00000000 errcode=00000000 [ 297.511537] TSC Offset = 0xffffff5e46a8877d [ 297.516436] EPT pointer = 0x000000009a56a01e 14:44:36 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:36 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000009340)=[{{0x0, 0x0, &(0x7f0000003700)=[{&(0x7f0000003540)=""/187, 0xbb}, {&(0x7f0000003600)=""/253, 0xfd}], 0x2, &(0x7f0000003740)=""/165, 0xa5}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}}], 0x2, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x34e, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) 14:44:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:36 executing program 0: r0 = creat(&(0x7f0000000380)='./file0\x00', 0x2) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) request_key(0x0, &(0x7f00000008c0)={'syz', 0x3}, &(0x7f0000000900)='\x00', 0xfffffffffffffffd) lstat(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000940)) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x7) r2 = socket$inet(0x10, 0x3, 0xc) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f00000002c0)) getuid() ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0) lstat(0x0, 0x0) pwritev(r1, &(0x7f0000000180)=[{&(0x7f0000000540)="639a4e290db3c0de5196ddfc938f26e62e8a20f2a3e3db02fbafb9fad909cf978aa3dc14fbce0b9110d3db3abd75e7308d2b8d7561bf70cf6220696ee23dc0b6e197d0bfdf0388af6262d994657365ee8fa092384049f7b7d402d410a2378d", 0x5f}], 0x1, 0x0) sendmsg(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc00000000000000000", 0x4a}], 0x1}, 0x0) keyctl$describe(0x6, 0x0, &(0x7f0000000300)=""/95, 0x5f) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000000, 0x0, 0x0) mkdir(&(0x7f0000000700)='./file1\x00', 0x0) creat(&(0x7f0000000280)='./file1/file0\x00', 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = getpid() sched_setscheduler(r4, 0x5, &(0x7f0000000040)) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000000)='./file1/file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000b00)={{}, {}, [], {0x4, 0x1}, [{}, {0x8, 0x4}]}, 0x34, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c6531007c778e0bfce8be9442e5de490cbb0be96b2c6530f4d45fe9a8759d3253118037b336f1d28bdd28af07a13b9fcd5b1c99fabd5141e162e10f6bc7a42e84a3397cbc08fe6d7808cae9c43a3da7629f6d6fe702692cd1f86dcce2720a3cf2a4a497e1c9e974267ed7044fde46b1ac14f5dfb44f06c118696b96191e41f2d29aa7125c9974f619cd21ab9a07c41374a1ad9fa7e88b1bf39b3d000000000000b4a5f2"]) 14:44:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 297.912750] *** Guest State *** 14:44:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 297.937903] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 298.024184] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, 0x0, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 298.065299] CR3 = 0x0000000000000000 [ 298.098837] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 298.120257] overlayfs: './file0' not a directory [ 298.127078] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:44:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") getpid() rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0) waitid(0x2, 0x0, &(0x7f0000003ff8), 0xa0000004, 0x0) [ 298.148987] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 298.210013] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.254608] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.300191] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 298.310172] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.318657] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.327863] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.336902] GDTR: limit=0x00000000, base=0x0000000000000000 14:44:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, 0x0, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 298.345324] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.358347] IDTR: limit=0x00000000, base=0x0000000000000000 [ 298.368692] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 298.394528] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 298.441185] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 298.453679] Interruptibility = 00000000 ActivityState = 00000000 [ 298.460658] *** Host State *** [ 298.464236] RIP = 0xffffffff811c8cac RSP = 0xffff88805f70f8c0 [ 298.477374] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 298.491164] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 298.509279] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 298.523101] CR0=0000000080050033 CR3=000000008dc16000 CR4=00000000001426e0 [ 298.534180] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 298.549186] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 298.556076] *** Control State *** [ 298.560253] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 298.567447] EntryControls=0000d1ff ExitControls=002fefff [ 298.574535] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 298.586934] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 298.596603] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 298.614959] reason=80000021 qualification=0000000000000000 [ 298.625496] IDTVectoring: info=00000000 errcode=00000000 [ 298.634452] TSC Offset = 0xffffff5dcf606448 [ 298.638915] EPT pointer = 0x000000009faa001e 14:44:37 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:37 executing program 0: r0 = socket$inet(0x2, 0x3, 0x80) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x200}}, {{@in6}, 0x0, @in6=@loopback}}, 0xe8) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000002c0)={@multicast2, @local, 0x1, 0x1, [@loopback]}, 0x14) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000140)={@multicast2, @local, 0x1, 0x1, [@initdev]}, 0x14) 14:44:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, 0x0, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 298.746798] cgroup: fork rejected by pids controller in /syz2 14:44:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(0xffffffffffffffff, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 298.801326] *** Guest State *** [ 298.817587] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:37 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x42803) [ 298.861513] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 298.890052] CR3 = 0x0000000000000000 14:44:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(0xffffffffffffffff, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 298.907741] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:44:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 298.975468] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 299.038825] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 299.047976] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.106052] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.119014] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.136012] *** Guest State *** [ 299.142300] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.150479] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 299.150495] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 299.150500] CR3 = 0x0000000000000000 [ 299.150508] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 299.150519] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 299.150533] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 299.150545] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.150563] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.150581] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 299.150597] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.166597] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.173939] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.185552] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.195722] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.211296] GDTR: limit=0x00000000, base=0x0000000000000000 [ 299.223112] GDTR: limit=0x00000000, base=0x0000000000000000 [ 299.235601] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.248332] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.254263] IDTR: limit=0x00000000, base=0x0000000000000000 [ 299.257857] IDTR: limit=0x00000000, base=0x0000000000000000 [ 299.273849] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.279189] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.289210] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 299.315855] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 299.316975] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 299.340633] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 299.346568] Interruptibility = 00000000 ActivityState = 00000000 [ 299.360743] *** Host State *** [ 299.364217] RIP = 0xffffffff811c8cac RSP = 0xffff88804c7478c0 [ 299.370903] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 299.371848] Interruptibility = 00000000 ActivityState = 00000000 [ 299.384609] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 299.391626] *** Host State *** [ 299.396767] RIP = 0xffffffff811c8cac RSP = 0xffff88805f5f78c0 [ 299.397877] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 299.408311] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 299.411662] CR0=0000000080050033 CR3=00000000926ba000 CR4=00000000001426f0 [ 299.416507] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 299.425869] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 299.439575] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 299.446870] *** Control State *** [ 299.451128] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 299.459036] EntryControls=0000d1ff ExitControls=002fefff [ 299.467924] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 299.475989] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 299.484694] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 299.488670] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 299.496427] reason=80000021 qualification=0000000000000000 [ 299.506549] CR0=0000000080050033 CR3=00000000a89a8000 CR4=00000000001426f0 [ 299.506952] IDTVectoring: info=00000000 errcode=00000000 [ 299.518264] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 299.520927] TSC Offset = 0xffffff5d55745eb7 [ 299.526563] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 299.531178] EPT pointer = 0x00000000a99ff01e [ 299.541106] *** Control State *** [ 299.545348] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca 14:44:38 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:38 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(0xffffffffffffffff, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f123c123f319bd070") getsockopt$inet_int(r0, 0x0, 0x1b, &(0x7f0000000180), &(0x7f0000000080)=0x4) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x801, 0x0) ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000100)=0x1) write$sndseq(r1, &(0x7f0000000040)=[{0x4, 0x0, 0x0, 0xffffffffffff7fff, @tick, {}, {}, @quote}], 0x30) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000300)=""/136) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e24, @broadcast}}, 0x20, 0x9, 0x5, 0x7, 0xb}, &(0x7f0000000000)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000280)={0x7, 0xfcccd45f5a3d1fd5, 0x6, 0x8, r2}, &(0x7f00000002c0)=0x10) 14:44:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 299.562727] EntryControls=0000d1ff ExitControls=002fefff [ 299.568556] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 299.581512] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 299.620062] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 299.626998] reason=80000021 qualification=0000000000000000 14:44:38 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 299.662858] IDTVectoring: info=00000000 errcode=00000000 [ 299.696109] TSC Offset = 0xffffff5d282cc628 [ 299.706438] *** Guest State *** 14:44:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x2, 0x0) socket$inet6(0xa, 0xa, 0x3) r2 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x7, 0x18000) getsockname$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000100)=0x1c) ioctl$VIDIOC_QUERYCAP(r2, 0x80685600, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000040)={0x5, 0x0, 0x3}) 14:44:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 299.712746] EPT pointer = 0x00000000a13ed01e [ 299.722290] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 299.781080] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 299.829390] CR3 = 0x0000000000000000 [ 299.846039] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:44:38 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 299.877910] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 299.891990] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 299.899244] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:38 executing program 0: r0 = accept(0xffffffffffffff9c, 0x0, &(0x7f0000000000)) accept4$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0xffffffff, @reserved}, 0x10, 0x800) set_mempolicy(0x2, &(0x7f0000000140)=0x6, 0x9) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(0xffffffffffffffff, 0xc034564b, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x0, 0x800000000105082) r2 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f00000ddff8), 0x10200000e) [ 299.949867] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.964351] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.989989] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 299.998983] *** Guest State *** [ 300.010630] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 300.027816] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.049068] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.060157] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 300.070635] GDTR: limit=0x00000000, base=0x0000000000000000 [ 300.079312] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.087662] CR3 = 0x0000000000000000 [ 300.091849] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 300.098247] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 300.104698] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 300.105165] IDTR: limit=0x00000000, base=0x0000000000000000 [ 300.132320] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.153515] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.182834] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 300.186508] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.191398] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.206059] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 300.207636] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.214404] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 300.222220] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.234897] Interruptibility = 00000000 ActivityState = 00000000 [ 300.254091] *** Host State *** [ 300.257531] RIP = 0xffffffff811c8cac RSP = 0xffff8880612df8c0 [ 300.259999] GDTR: limit=0x00000000, base=0x0000000000000000 [ 300.268288] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 300.272643] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.282848] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 300.287249] IDTR: limit=0x00000000, base=0x0000000000000000 [ 300.296074] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 300.302955] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.314190] CR0=0000000080050033 CR3=00000000926bb000 CR4=00000000001426f0 [ 300.330091] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 300.330536] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 300.336878] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 300.343787] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 300.350688] *** Control State *** [ 300.363925] Interruptibility = 00000000 ActivityState = 00000000 [ 300.370718] *** Host State *** [ 300.374254] RIP = 0xffffffff811c8cac RSP = 0xffff888056fef8c0 [ 300.377209] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 300.385071] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 300.387534] EntryControls=0000d1ff ExitControls=002fefff [ 300.394429] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 300.406103] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 300.408286] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 300.415753] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 300.421777] CR0=0000000080050033 CR3=000000008dd96000 CR4=00000000001426f0 [ 300.434371] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 300.436832] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 300.444853] reason=80000021 qualification=0000000000000000 [ 300.450842] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 300.464205] *** Control State *** [ 300.465188] IDTVectoring: info=00000000 errcode=00000000 [ 300.467885] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 300.474168] TSC Offset = 0xffffff5cdb99bd24 14:44:38 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:38 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:38 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x7fffffc, 0x40000) ioctl$EVIOCGLED(r0, 0x80404519, 0xfffffffffffffffd) openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x2600) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f00000003c0)=0x7) [ 300.491094] EPT pointer = 0x000000008b70001e [ 300.494375] EntryControls=0000d1ff ExitControls=002fefff 14:44:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 300.600137] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 300.616306] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 14:44:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0xd65, &(0x7f00000001c0)="0adc1f123c123f319bc070") r1 = socket(0x1e, 0x2, 0x0) bind(r1, &(0x7f0000d80f80)=@generic={0x1e, "0103000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cb184a"}, 0x80) bind$tipc(r1, &(0x7f0000000040)=@name, 0x10) bind(r1, &(0x7f0000670000)=@generic={0x1e, "01fd000000000000000000000000fc00000005a121b80c00000000800000002e0a53b232394a0000000100000000ffff0f82e52b0a669ae43a620170a00021f069ca021f6f65dc1161e7068f358c00f9ecff1458d1ea03000030ffff000000090003b9c8ead200c577aeb81c90541d6d7c770ee590c8bcf70dc151eb1849"}, 0x80) [ 300.644808] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 300.745672] reason=80000021 qualification=0000000000000000 [ 300.765736] IDTVectoring: info=00000000 errcode=00000000 [ 300.781063] *** Guest State *** [ 300.784399] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 300.809959] TSC Offset = 0xffffff5cb402ed0c [ 300.821004] EPT pointer = 0x000000008a85f01e 14:44:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:39 executing program 0: r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) recvmsg(r0, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x40000040) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040), 0x106, 0x6}}, 0x20) 14:44:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 300.852628] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 300.919957] CR3 = 0x0000000000000000 [ 300.933514] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 300.962487] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 300.977019] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 300.987046] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 300.996024] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.004584] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.012871] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.028521] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.058322] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.087621] GDTR: limit=0x00000000, base=0x0000000000000000 [ 301.104037] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.112658] IDTR: limit=0x00000000, base=0x0000000000000000 [ 301.121347] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 301.129530] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 301.136835] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 301.144662] Interruptibility = 00000000 ActivityState = 00000000 [ 301.151103] *** Host State *** [ 301.154312] RIP = 0xffffffff811c8cac RSP = 0xffff88805e2178c0 [ 301.160472] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 301.166898] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 301.174972] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 301.180971] CR0=0000000080050033 CR3=00000000926bb000 CR4=00000000001426f0 [ 301.188002] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 301.194842] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 301.201176] *** Control State *** [ 301.204647] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 301.211399] EntryControls=0000d1ff ExitControls=002fefff [ 301.216960] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 301.224065] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 301.231874] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 301.238679] reason=80000021 qualification=0000000000000000 [ 301.245062] IDTVectoring: info=00000000 errcode=00000000 [ 301.250617] TSC Offset = 0xffffff5c48f07c86 [ 301.254953] EPT pointer = 0x0000000055f1701e 14:44:39 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:39 executing program 0: r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) recvmsg(r0, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x40000040) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040), 0x106, 0x6}}, 0x20) 14:44:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:44:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:39 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @broadcast}, {0x2, 0x0, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/135, 0x87) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) r1 = socket(0x2, 0x3, 0x100000001) bind$inet(r1, 0x0, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x32) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0xffff) ftruncate(0xffffffffffffffff, 0x8007ffc) 14:44:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:40 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:44:40 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:40 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:40 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x15, 0xffffff87}}, &(0x7f0000000040)='syzkaller\x00', 0x9, 0xcf, &(0x7f0000000340)=""/207, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1}, 0x10}, 0x70) 14:44:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:40 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:44:40 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:40 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f00000000c0)={0x6, 0x9, 0x7fff, 0x204}) r2 = add_key(&(0x7f0000000100)='cifs.idmap\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)="cc4e018398686e7b784aaec834c4a3b7d811b5022fb5914e0e96ba4fd82a43441a565b45423de2172be96e2d5da17cb45373aa887ae75709cb9ed9e23ba090824ac0c095e4a1e070c30202924258f23138522adb98a70c800fa01ac7929f6bfc497383378bbff369689075fa3cf57be4352b310adf713b", 0x77, 0xfffffffffffffffa) r3 = add_key(&(0x7f0000000240)='cifs.idmap\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$instantiate(0xc, r2, &(0x7f0000000200)=@encrypted_new={'new ', 'default', 0x20, 'user:', '\'&user', 0x20, 0x3}, 0x2d, r3) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0) 14:44:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 302.385239] *** Guest State *** [ 302.398159] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:40 executing program 1 (fault-call:10 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 302.451219] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x2, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 302.526813] CR3 = 0x0000000000000000 [ 302.546687] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 302.574093] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 302.590400] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc123f319bfcabf44168043cdc32017cdc179c4b87c6c49ee541bc53d3671376a5e757a6fc56ca9eae171f7abac5b889550eadd98fdfa383450cc76bddaf8ecf746f3facbc337a487f00bd8668caccff1ddbe7fd0d") r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x1a1401, 0x0) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000040)=0x101, &(0x7f00000000c0)=0x1) write$P9_RLINK(r1, &(0x7f0000000080)={0x7}, 0x20000087) [ 302.623848] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.657413] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.674946] *** Guest State *** [ 302.691729] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 302.700934] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 302.700950] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.700970] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735537] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 302.735547] CR3 = 0x0000000000000000 [ 302.735556] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 302.735566] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 302.735581] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 302.735595] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735614] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735632] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 302.735644] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735659] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735672] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735682] GDTR: limit=0x00000000, base=0x0000000000000000 [ 302.735695] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735707] IDTR: limit=0x00000000, base=0x0000000000000000 [ 302.735724] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.735734] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 302.735745] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 302.735754] Interruptibility = 00000000 ActivityState = 00000000 [ 302.735759] *** Host State *** [ 302.735770] RIP = 0xffffffff811c8cac RSP = 0xffff88805a7bf8c0 [ 302.735791] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 302.735803] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 302.735814] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 302.735828] CR0=0000000080050033 CR3=000000008e1c6000 CR4=00000000001426f0 [ 302.735842] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 302.735853] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 302.735858] *** Control State *** [ 302.735867] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 302.735875] EntryControls=0000d1ff ExitControls=002fefff [ 302.735888] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 302.735897] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 302.735906] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 302.735914] reason=80000021 qualification=0000000000000000 [ 302.735921] IDTVectoring: info=00000000 errcode=00000000 [ 302.735927] TSC Offset = 0xffffff5b445ea14f [ 302.735935] EPT pointer = 0x00000000a51bc01e [ 302.762498] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.804218] GDTR: limit=0x00000000, base=0x0000000000000000 [ 302.961940] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 302.976640] IDTR: limit=0x00000000, base=0x0000000000000000 [ 303.016788] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.031472] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 303.031827] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 303.031837] Interruptibility = 00000000 ActivityState = 00000000 [ 303.031847] *** Host State *** [ 303.031858] RIP = 0xffffffff811c8cac RSP = 0xffff88805967f8c0 [ 303.031878] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 303.031887] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 303.031903] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 303.084472] CR0=0000000080050033 CR3=000000008e7df000 CR4=00000000001426f0 [ 303.091605] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 303.098412] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 303.108741] *** Control State *** [ 303.112540] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 303.119409] EntryControls=0000d1ff ExitControls=002fefff [ 303.119424] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 303.119433] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 14:44:41 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x5, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:41 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:41 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x0, @tick=0x7fffffff, 0x0, {}, 0x200000000000, 0x2}) [ 303.119442] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 303.119454] reason=80000021 qualification=0000000000000000 [ 303.139001] IDTVectoring: info=00000000 errcode=00000000 [ 303.139009] TSC Offset = 0xffffff5b6b09b82d [ 303.139017] EPT pointer = 0x000000008bad501e 14:44:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0xe11, 0x0, 0x0, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'bridge0\x00'}}}}}, 0x34}}, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x100, 0x0) ioctl$KVM_GET_CLOCK(r2, 0x8030ae7c, &(0x7f0000000040)) ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x9) 14:44:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xe7, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 303.337471] *** Guest State *** [ 303.362420] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 303.367445] Started in network mode [ 303.391951] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 303.398870] Own node identity aaaaaaaaaa0c, cluster identity 4711 [ 303.416297] CR3 = 0x0000000000000000 [ 303.422345] Enabled bearer , priority 0 [ 303.423965] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 303.439521] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 303.442613] *** Guest State *** [ 303.448805] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 303.449367] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x500, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 303.461861] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.467352] Enabling of bearer rejected, already enabled [ 303.482665] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.501901] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 14:44:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0xe11, 0x0, 0x0, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'bridge0\x00'}}}}}, 0x34}}, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x100, 0x0) ioctl$KVM_GET_CLOCK(r2, 0x8030ae7c, &(0x7f0000000040)) ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x9) [ 303.521754] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 303.525349] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.557050] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.589575] CR3 = 0x0000000000000000 [ 303.591548] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.602765] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 303.621064] Enabling of bearer rejected, already enabled [ 303.628059] GDTR: limit=0x00000000, base=0x0000000000000000 14:44:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x2000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 303.628079] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.628090] IDTR: limit=0x00000000, base=0x0000000000000000 [ 303.628109] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.638567] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 303.676140] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 303.686585] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:44:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xe7ff, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 303.717311] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 303.722982] Interruptibility = 00000000 ActivityState = 00000000 [ 303.731095] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.747405] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.756833] *** Host State *** [ 303.777498] RIP = 0xffffffff811c8cac RSP = 0xffff88804c7d78c0 [ 303.792716] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 303.804372] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 303.816587] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.835548] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.844593] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 303.844605] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 303.844626] CR0=0000000080050033 CR3=000000008c727000 CR4=00000000001426e0 [ 303.858830] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 303.874567] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 303.881344] *** Control State *** [ 303.885256] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 303.892485] EntryControls=0000d1ff ExitControls=002fefff [ 303.898418] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 303.911595] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 303.919414] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 303.920213] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.934204] reason=80000021 qualification=0000000000000000 [ 303.934213] IDTVectoring: info=00000000 errcode=00000000 [ 303.934229] TSC Offset = 0xffffff5aedd055dd [ 303.934237] EPT pointer = 0x00000000a533701e [ 303.964991] GDTR: limit=0x00000000, base=0x0000000000000000 [ 303.980066] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 303.989477] IDTR: limit=0x00000000, base=0x0000000000000000 [ 303.997819] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 304.008322] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 304.019233] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 304.028229] Interruptibility = 00000000 ActivityState = 00000000 14:44:42 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x0) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:42 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3cf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)={r0, 0xffffffffffffffff, 0xd}, 0x10) pipe(&(0x7f0000000100)={0xffffffffffffffff}) ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000180)) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x8000000000d}, 0x10) 14:44:42 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfdfd, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x2, 0x0) [ 304.037128] *** Host State *** [ 304.041945] RIP = 0xffffffff811c8cac RSP = 0xffff8880552f78c0 [ 304.047938] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 304.058243] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 304.067413] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 304.074690] CR0=0000000080050033 CR3=000000008567b000 CR4=00000000001426e0 [ 304.132865] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 304.132877] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 304.173792] *** Control State *** [ 304.187507] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 304.240892] EntryControls=0000d1ff ExitControls=002fefff [ 304.271935] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 304.295684] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 304.307975] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 304.315892] reason=80000021 qualification=0000000000000000 [ 304.329947] IDTVectoring: info=00000000 errcode=00000000 [ 304.335711] TSC Offset = 0xffffff5add23db26 14:44:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xffe7, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:42 executing program 0: sendmsg$alg(0xffffffffffffffff, 0x0, 0x4000010) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = memfd_create(0x0, 0x0) pwritev(r0, 0x0, 0x0, 0x881806) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pwritev(r1, &(0x7f0000001380)=[{&(0x7f0000003040)="02", 0x1}], 0x1, 0x0) fallocate(r1, 0x20, 0x0, 0xfffffeff000) r2 = open(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x3, 0x70, 0x81, 0xfffffffffffffff9, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe34, 0x8, 0x8, 0x0, 0x0, 0x39, 0x8, 0x10000, 0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x507, 0x10001, 0x0, 0x0, 0xe5e, 0x7, 0x8, 0x80000001, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x4800, 0x400, 0x0, 0x0, 0x400, 0x0, 0x9}, 0x0, 0x6, r2, 0x2) pwritev(r2, &(0x7f0000001380)=[{0x0}], 0x1, 0x0) poll(&(0x7f0000000340)=[{r1, 0x8000}], 0x1, 0x3) fallocate(r2, 0x20, 0x0, 0x0) syz_open_pts(r1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0) syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f00000000c0)='./bus\x00', 0xfff, 0x3, &(0x7f0000000200)=[{&(0x7f00000003c0)="3f18fad568066f133bd429591f4183bbaa02e0f4c313b70b0a6aa1fa497d031b311621c7631ee85a545f8e4101e3706aa95e019becadb25af85d52292733b27120be43783c4bb868b306acc192cda6ce93c4466a5fc49dfb1eaa1a65d934db176a26b5afe9e2a675443bdfc508c3615190fdcea04c121d62fc900af80556e9d53679fc1c4d9ad4cc879bf8f976012fe86515da687879d60977226e5490d0625be2e57bbeaa404bd326b7a57075198e73bff433aa174602992f45669e708bb4319a7248f39d4c22e1d78f7991a80337487f3d32f0933949f791437d8e", 0xdc, 0x4}, {&(0x7f0000000180)="669257a24a3e1be1234c26551204e8eb18d6c38e30a1794ac9ec6b383e5b43e43c647269ee4f910f", 0x28, 0x200}, {&(0x7f0000002040)="2c32a51e2a5a4ee31fd7cbd8ca58db6fd36797fc17d1d57ea9d74c778a71c2ddfbdd67464912e6f70bcee28d45905c0f6d74eed3c5081b549f69343e32b4256aa4c345449a4a1906a4b9fe21e0fcd9b5489048182c9446bb38fb92c58158e7f79295ff7063ca00e4326d6825ceb41c2d5124721245a93ff3fcad42e375f7dd3620b31e25e7fb1f2fe6f5bcc9eb8a5a48aa2f554342c5d0b8c17adde795dd7be9bb970aa05be2f4caf9e46eebb1ddf68607e45df1c3b787ba86b27fd53b8587909d8f3a16cc50f6d9a6c8d5aeb7ec6d38426525ab717c6cbd7a88897396e1543d805c9ee8b4210ed2385b9ecb87b7b690a62190de1d0b48a36e2aac26471b891e21fa7be10577a434dab0e74f1da4cfe4fe1604f0c34278ff4fd4512d68b5c7a8e70275d9f03d7207925455f5bfb2ef7804fddedd5535cb50b26d118927fa2f0ad97682c38fa47570cbba4673572d8a8e7113d78019c3a438472775a923c0f09dc9ff9b5282cd8e8f383c16c3dba2204a167aef53d0f10b01c7a2d71184d05009db047e6a6f97d26726af1e62a2b86f1a82d81bd12b93bcb1fd8dc44f8d31f4b90c472b74ed5c2ba9ec9d91470e4b8c64cb620c4edb3ba8fc8e5b36ffe8807e439925475a81ceb08c116f88b54e38a2d42b725cc2b1c4496cdbd5b03ac49154e5b2196f9ccde0d1fc8ddde46c59119fff7dcb2fc59f5a9183ebc6ce5ec0bb61cdd6a9bbc02483aab82e235c47988f0e266a44db53707f094d3712f8678d5094631d470d953441d19fe3d36b570c901c5900894cb3f5d161bf2ee7675addabcbc63c932d7f56a0feb7bceaab6ccd0c37937d4264d2549f5749d8b97b0a0a1523b7c0163202db68a7c31012ff3f01ff30c40460fcb324584b386785b4a1359e801b287dc13866b6e817cfaa301ca2e0dfbe7dc9d744738bec72d15bee5117c82313dec71db61c449a606afbaea44c67e73c4954605709331864a57e6213a0f5421ff9cbd36f18db1fda69f68004b405aed0670c378c03c1c1ad3a5353fdac2c6fc287499743bdd0f43062979f9bc51ed9fe15075cb2629d9892776bc47a49d4fb5b96876b8ba894258b685ab2803cb64169b2349a7e78ab3d306baef898cc2020acb6a55aa8a36758b0150dc0af54fa88d7c842f37f12a0fe4c286d46023861cd9db69e7201d403a49a1acdb3ee11933b71e7cd714b8b9f436de26910f387562a598ef9246a4af9d432f9c00998aedaf921cdc507f5455368f798613f67f5c8a717c6793aecf19760de8dbd7a735325168418065a176e31079a85e0345817d1ebb935ff8c66e9e9fbb82c17ce457ea1569427b647377ac07de188e0a4d1643d05b13ce5a7e22497c350a0bb423eb5c040599ae91fa36123dde77d410805d4050e89d4e677a724d629e85c58b6f6b61b46f19ba31bc3d77a82f1bd26e72dcdb9d7e646407c490e8e47852f09b3d2c5d638c7bea3d547c65090b3e69e5a9a00bbfadb8ef98e1b4c28374ea0f36347d06ff44c1e12680b6dedd33386c6488441a8e03af038dfc15fe49d8c290dd9a014d8604b68e664115b66869060e92b73aa7361111aa28d95ce365772903fb0a983967d949d6a4c95e954460b45f22896e8433d1769db5b3c3716f34cca04b94cf81122a8a1132d2fbe52578ec6f417581e1eeb53174686b1b76de9c385314c01644e6569fb99d2e1064132d471a721d95ba25916ab59b922a022838ef48720a5d0940209113898cc3b70d02ad6545d77dc35db68d65b228559493bac91ae5eabe5b4c48b52ac2bea321148fa434ba9cdbed92f25b9b85a380871dbedec6bca3394b5f5213ba698857d27f2ec03921c53c708f532929112ee23e62afaaa67a20e9fae8c62e7c58691dc0ed571a2f4f10f733f327c95b65525dc611d35cb25620da31ba7f5424cea415ff87615f7ed8722740f34f6d2d4710ca580f1eeea1269672aecdd1445b42105400c67c32089d77dcaa342333af712f0fc42045c1905a17c90711a065a5d5b6ddc35631cb91106f2adc5aed8461314023362ec715b79e229ec5a90d32089911250fadacc2d9624d4588fa8f46220041ddada732c947a3fd0b355c427dcb24ffe7608191cf034ef156e78acc9834c258a649b4f5de751c8b19df3baf46f317290b760e4c08cc506757cd16df98bdf1214d32ec974111290286f156d57db01f0d4f8865363cd913d2e719a663207e389bd1d407793a846d1d21308618f1cb234731200cda73bb26c7714ae3761485f6cab6805f632ca58eaa72bba30cd1fb1792da05f53db5cb25230c67a01ed36bf96f9cfa67da61eaac04df8acd7f29aa81c385c3634d88d44ad692324c76b0ed4cf6e2e785b07b784d0a7ecbeef6145a20380ded0768b22618ae32471ac0b3f391ebb517ac28c2a92b11acb0e1117beab257068b9f24d5b87ed8c9d4d6caa76ad1f5f48a86d6b0bdd3fa76ad524455eafb5ed7121e6b81ebc102813f06c2d0237ef86156954e320a980e82790214eddb07be3dcbb291551ffa9e7cf8846d23af5e22afea12469f1d9c76bc4e23a69935dc1195606023a1c33ebeccac82c19b1952490f77c1447ebed360ec373a3786aa0afc42dee6a4ee805bdae07ef7038eb3e378ebd4dac5f56995e522cd8398a0d744a9fbcb100397d7426a9805bdfea8579e9819e7b4c404626e5e7e5bc9c3d94ce451420c29381393bfe8855eddf6983ac963f1f8631de3f2f534d18af87af319465ac7c03eafdfca89444e61e3a85189bc8e0e1fc0641b0846e2dfecc67ef582a7b7eb3c88fb97ab1b4252aff05e3ec30b7cbf15aa8dd60c4ef17787a61b25f98b3606caf6b8df5e25a094bad085e3d71a0b230767dffbec038a19a2ef6c78b5da4cbbc78860df5269c2eaed6696861f1b3ae46c92d858f342895415f5c675bcb083325d96d52ff15ad1ffa6cd69d89977b9bf3c93396b55c039e418ef008cc00939a981098047bdb03a586703d27c48f2a145f7d4b529fb0b65ba2c2e4e0695ecfeeeea10e39255c0fdb2399d1c46920891dcd8626114b0e9c96beeeb2bbeb764ee207f1df1ad1835557814ceea3201d8c625498553bc70b0d1290b67dfb1cb720a840ec2e6c91aca767fb4f10d00e9e40ceb27335b456e650bffe17eb5a3791c8684034d762f303b535a800ba9daeee234b25306fad643afeadd201f29f8c09691301253336210d2e123c40e56f862f06e1d8c7b72312c68a47c83b0e4e0041f17e82a601a06049a35d1346393500aa18f6457e05b0a0a640683cbfed281387621b683816880d7cc1c5e3ae0ad3147a2b51dc924479303fbd18f41eb1354c3f85ecbdd9825253c684178fadbbf23fbb87a904edf4b8aefcc32a35a8be1ad8407306cf89929d51489886e4e9941fd54c88cd8f130aff13ecc7d3bd5e0365222a39df24cfc1424537fa665eeb0763500f06455e1c38cb08089118ca25c55943d0e2b951bfe63e4185b9150201ee693a5345ddf6ed4b8406effed33f34d91d44583dfd7fb2acb2287c90d01ade0271d4211366e48c741e88d8ea9af1443d4e6cf303440db8b2a8e962c2549bb26b754b2349889a32047265755b46c2c3f01704ecdb83e5c2c5b3cba60a716503c127e9c821d27a88e7b224ce77a2297a3592607c28ccbfd5387f6154cc6b6742a2da59ca5253761116774dfc933a404560696bc8db980048203a5b8b4908c5fd7cefa6ecf1b5633ad841138b671e4586744750e48744228afbe9de4b2b71009f10200c8beeb9d0fd0f21d27aded9e64050f0ebde80aea6fd660a15c10cc24094fb8cfc9dc62ca85866769e48d63bf44ef3d464e4aa9e56f721b4a60bad1888084d89e96de442379d1286eef7e05cd7e6e158c70942347f042771e116ca226d11f9433ecd760b83a5c4f8c0c5124fbfcc9aede723031b58c4a746a1dd306ce7e0e75d6cf85657dd63f379b4f674520a18ad872d6ccb8975c89f951f0ddc5696d294feb544ba8ef61a771c9a1b650888515ef8b8b231620751eadab5da041fa2e418e38183c74dfd2e839dba60029e6c5ae12fe3c2dd5479a94738857c0fcf7b26b5e69972a9b35fb86b3200e6d21144d44c7d30976a735c65da398ab7e97b657fbc75f169dacdc3273b9b901fb36831eec723a76ea757f2e7861c9d933fc187f113656b172f5c40eb769649d3d901e0f1c947cc828a83062baab93c236065e8b041328feb8daf8c4aafcfb16a36e3c1472225c95c74b4cbc93a63cf867ec4456b05b7a550d7d2488a043a5da8ea888070761c6e77ac9bdb44e80930bb2c713ac730ebfded686238908faf4e33f6fa91ac392b2d4fb2a717c4a135fe6d0b7653f981e8da734ac276c14da6851ee11c8b70f0d857f3413a41a3cda0992aec80e78bc3321acc1816ee7c6f73b3a074f564df3284d784c8d505afd76c007cb49d51d7cf2d522c4a77877d1cadade0c3d1936b3db9d274f58f76256b36d80a57381505fb3546526ae5fc4318ff08015913f59a111cf219359aa2fba79df05c8a1baad4c920edfac11d69085ed31931ce8007e85b7f2d46af2fa46125d22192dc9fff5de16f34bd38eebedf6cbd45a441a5eb5df792161630b03987338e1adddc3782d1672eb1b81644b1dbeb0dddad606404955bf19525fe7ecfaf941afb6a6b2a1c7bfd73b935a455f341bb865206f620c02e9b94d0a78cbe59594536bbfb4c7f03de3623981291e944294a902cdecae35d355149f11da8c9c69d322ebd50404e2e85b42ea6cdfec5e0059c8e65ac7aab4d8178ab551ee870da96c21151e30c5cd64c3d9f7d2ddba539f9288b6274cfbfb6fe5ffd991eb6bf4027133bbb893759a42769f2fe8d03eca9ed4106523e13e08a73feb4e777b47236e71dcdd90c21fcf70d7e92a0ba6733c8259962fdf2fbf7758b03ade3cb4e3ac7b040e350280149a6bccef4f1d7f90fe80f9325b8f3a420744bda11079f3094539818f6742e1fa725a8d3e9fbf1e3f3d77423c3aece450d264af40e9c5810082c37f788a11d6fe85518fac608c4823f6a4545ddedd56b4b1ce6c3c9f644b9aa809dfbf8a9b26bdfd102602b7f5e5619090928f7a0f1de0dc6250400800dc65db37f8d1917aba20f4e63ecf799c9eff054cbd890d7a7d8c0bea5a123a65269d90ac80fcc49911db4737d6d7698be8120016a45104548de9e0910776bee30d4f36adb2e26f96eeb23b938e73a70e4e02d808ece98599ca6c2ca9500c1e640c7448f778dda303ebffa6b4da51981008da3eea65ad16e4e0286dc2a925516688f6ce29f9199deb28f4ccf44b855da2d42d6b8e35eeec313f994b4e375a168e6666f3453466c300f2cb9266f81206472842dd76b9820f8ce41154137c4c502318b86ef7f11132039e9f0e1ef6be2085e7679118a0b11ba6f9d76d0b097280db7f426a08f17666fc9746aa8fd56f7862f327789ed5b409ceb58573dc9947742af0e90a13c9743d47d2961df2d54b5b9965277389e8c6ac7770fa7a5aa54811c9847bea0e8e5d3fa42d1f53cbc195b584aa85c1bc54e61d240b2dee20e113d1e257cda7947a0000c92c7e17d3f33107d8019191db46b5b05c35148580b81d85719aea7cab2bc8be99aead4477ec3a68fe405a74a2c06f386abea0c7ce3f8fb376a716839b0b7abb47babd8d219ca0f83f20ec8660b2bf40dae72464b2e42527490ed83fdcb1f1977fa6d9ebc1ed6732f6cd2105d765999ab43efb62c2424699819e5ba14f539722d1aca3922c0c96480696454ab88e10f061b305e7ce59d4ead57993d2a526d5b39bbb843329fa488", 0x1000, 0x6a13}], 0x10000, &(0x7f0000000280)='cpusetwlan0\x00') inotify_init() r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpeername$packet(r1, &(0x7f00000001c0), &(0x7f0000000380)=0xce) socket$unix(0x1, 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, 0x0) shmget(0x2, 0x4000, 0x7800061f, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x10000101) perf_event_open(&(0x7f00000002c0)={0x7, 0x70, 0x35, 0xd4, 0x4, 0x2, 0x0, 0xfcf, 0x8800, 0xf, 0xa0bd, 0x7, 0x3, 0x9, 0x0, 0x401, 0x9, 0x1f, 0x380000000000000, 0x5, 0x3f, 0x9, 0x8000, 0x1ff, 0x9, 0x80, 0x0, 0x34d, 0x8f, 0x1, 0x4, 0x3, 0x10001, 0x7fff, 0x0, 0x8, 0xdca0, 0x73e8, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x4, 0x3ff, 0x7, 0x3ff, 0x3, 0x10001}, 0x0, 0x7, r3, 0xb) 14:44:42 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x0) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 304.350073] EPT pointer = 0x00000000a1f2501e 14:44:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4b47, 0x0) 14:44:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x1000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 304.497799] *** Guest State *** [ 304.517569] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 304.528805] ceph: device name is missing path (no : separator in /dev/loop0) [ 304.541617] 32-bit node address hash set to aaaaa600 14:44:43 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x0) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:43 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4b49, 0x0) [ 304.565711] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 304.587997] CR3 = 0x0000000000000000 [ 304.598254] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 304.610199] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 304.624835] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x2000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 304.699614] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 304.784959] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 304.800009] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:44:43 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) gettid() tkill(0x0, 0x1000000000016) tkill(r0, 0x16) 14:44:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x541b, 0x0) [ 304.836730] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 304.866984] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x5000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 304.905814] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 304.927753] ceph: device name is missing path (no : separator in /dev/loop0) [ 304.953931] GDTR: limit=0x00000000, base=0x0000000000000000 [ 304.989985] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 305.030446] IDTR: limit=0x00000000, base=0x0000000000000000 [ 305.042899] audit: type=1800 audit(1555339483.477:136): pid=11409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=17159 res=0 [ 305.091101] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 305.114485] audit: type=1800 audit(1555339483.477:137): pid=11488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=17159 res=0 14:44:43 executing program 0: sendmsg$alg(0xffffffffffffffff, 0x0, 0x4000010) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = memfd_create(0x0, 0x0) pwritev(r0, 0x0, 0x0, 0x881806) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pwritev(r1, &(0x7f0000001380)=[{&(0x7f0000003040)="02", 0x1}], 0x1, 0x0) fallocate(r1, 0x20, 0x0, 0xfffffeff000) r2 = open(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x3, 0x70, 0x81, 0xfffffffffffffff9, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe34, 0x8, 0x8, 0x0, 0x0, 0x39, 0x8, 0x10000, 0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x507, 0x10001, 0x0, 0x0, 0xe5e, 0x7, 0x8, 0x80000001, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x4800, 0x400, 0x0, 0x0, 0x400, 0x0, 0x9}, 0x0, 0x6, r2, 0x2) pwritev(r2, &(0x7f0000001380)=[{0x0}], 0x1, 0x0) poll(&(0x7f0000000340)=[{r1, 0x8000}], 0x1, 0x3) fallocate(r2, 0x20, 0x0, 0x0) syz_open_pts(r1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0) syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f00000000c0)='./bus\x00', 0xfff, 0x3, &(0x7f0000000200)=[{&(0x7f00000003c0)="3f18fad568066f133bd429591f4183bbaa02e0f4c313b70b0a6aa1fa497d031b311621c7631ee85a545f8e4101e3706aa95e019becadb25af85d52292733b27120be43783c4bb868b306acc192cda6ce93c4466a5fc49dfb1eaa1a65d934db176a26b5afe9e2a675443bdfc508c3615190fdcea04c121d62fc900af80556e9d53679fc1c4d9ad4cc879bf8f976012fe86515da687879d60977226e5490d0625be2e57bbeaa404bd326b7a57075198e73bff433aa174602992f45669e708bb4319a7248f39d4c22e1d78f7991a80337487f3d32f0933949f791437d8e", 0xdc, 0x4}, {&(0x7f0000000180)="669257a24a3e1be1234c26551204e8eb18d6c38e30a1794ac9ec6b383e5b43e43c647269ee4f910f", 0x28, 0x200}, {&(0x7f0000002040)="2c32a51e2a5a4ee31fd7cbd8ca58db6fd36797fc17d1d57ea9d74c778a71c2ddfbdd67464912e6f70bcee28d45905c0f6d74eed3c5081b549f69343e32b4256aa4c345449a4a1906a4b9fe21e0fcd9b5489048182c9446bb38fb92c58158e7f79295ff7063ca00e4326d6825ceb41c2d5124721245a93ff3fcad42e375f7dd3620b31e25e7fb1f2fe6f5bcc9eb8a5a48aa2f554342c5d0b8c17adde795dd7be9bb970aa05be2f4caf9e46eebb1ddf68607e45df1c3b787ba86b27fd53b8587909d8f3a16cc50f6d9a6c8d5aeb7ec6d38426525ab717c6cbd7a88897396e1543d805c9ee8b4210ed2385b9ecb87b7b690a62190de1d0b48a36e2aac26471b891e21fa7be10577a434dab0e74f1da4cfe4fe1604f0c34278ff4fd4512d68b5c7a8e70275d9f03d7207925455f5bfb2ef7804fddedd5535cb50b26d118927fa2f0ad97682c38fa47570cbba4673572d8a8e7113d78019c3a438472775a923c0f09dc9ff9b5282cd8e8f383c16c3dba2204a167aef53d0f10b01c7a2d71184d05009db047e6a6f97d26726af1e62a2b86f1a82d81bd12b93bcb1fd8dc44f8d31f4b90c472b74ed5c2ba9ec9d91470e4b8c64cb620c4edb3ba8fc8e5b36ffe8807e439925475a81ceb08c116f88b54e38a2d42b725cc2b1c4496cdbd5b03ac49154e5b2196f9ccde0d1fc8ddde46c59119fff7dcb2fc59f5a9183ebc6ce5ec0bb61cdd6a9bbc02483aab82e235c47988f0e266a44db53707f094d3712f8678d5094631d470d953441d19fe3d36b570c901c5900894cb3f5d161bf2ee7675addabcbc63c932d7f56a0feb7bceaab6ccd0c37937d4264d2549f5749d8b97b0a0a1523b7c0163202db68a7c31012ff3f01ff30c40460fcb324584b386785b4a1359e801b287dc13866b6e817cfaa301ca2e0dfbe7dc9d744738bec72d15bee5117c82313dec71db61c449a606afbaea44c67e73c4954605709331864a57e6213a0f5421ff9cbd36f18db1fda69f68004b405aed0670c378c03c1c1ad3a5353fdac2c6fc287499743bdd0f43062979f9bc51ed9fe15075cb2629d9892776bc47a49d4fb5b96876b8ba894258b685ab2803cb64169b2349a7e78ab3d306baef898cc2020acb6a55aa8a36758b0150dc0af54fa88d7c842f37f12a0fe4c286d46023861cd9db69e7201d403a49a1acdb3ee11933b71e7cd714b8b9f436de26910f387562a598ef9246a4af9d432f9c00998aedaf921cdc507f5455368f798613f67f5c8a717c6793aecf19760de8dbd7a735325168418065a176e31079a85e0345817d1ebb935ff8c66e9e9fbb82c17ce457ea1569427b647377ac07de188e0a4d1643d05b13ce5a7e22497c350a0bb423eb5c040599ae91fa36123dde77d410805d4050e89d4e677a724d629e85c58b6f6b61b46f19ba31bc3d77a82f1bd26e72dcdb9d7e646407c490e8e47852f09b3d2c5d638c7bea3d547c65090b3e69e5a9a00bbfadb8ef98e1b4c28374ea0f36347d06ff44c1e12680b6dedd33386c6488441a8e03af038dfc15fe49d8c290dd9a014d8604b68e664115b66869060e92b73aa7361111aa28d95ce365772903fb0a983967d949d6a4c95e954460b45f22896e8433d1769db5b3c3716f34cca04b94cf81122a8a1132d2fbe52578ec6f417581e1eeb53174686b1b76de9c385314c01644e6569fb99d2e1064132d471a721d95ba25916ab59b922a022838ef48720a5d0940209113898cc3b70d02ad6545d77dc35db68d65b228559493bac91ae5eabe5b4c48b52ac2bea321148fa434ba9cdbed92f25b9b85a380871dbedec6bca3394b5f5213ba698857d27f2ec03921c53c708f532929112ee23e62afaaa67a20e9fae8c62e7c58691dc0ed571a2f4f10f733f327c95b65525dc611d35cb25620da31ba7f5424cea415ff87615f7ed8722740f34f6d2d4710ca580f1eeea1269672aecdd1445b42105400c67c32089d77dcaa342333af712f0fc42045c1905a17c90711a065a5d5b6ddc35631cb91106f2adc5aed8461314023362ec715b79e229ec5a90d32089911250fadacc2d9624d4588fa8f46220041ddada732c947a3fd0b355c427dcb24ffe7608191cf034ef156e78acc9834c258a649b4f5de751c8b19df3baf46f317290b760e4c08cc506757cd16df98bdf1214d32ec974111290286f156d57db01f0d4f8865363cd913d2e719a663207e389bd1d407793a846d1d21308618f1cb234731200cda73bb26c7714ae3761485f6cab6805f632ca58eaa72bba30cd1fb1792da05f53db5cb25230c67a01ed36bf96f9cfa67da61eaac04df8acd7f29aa81c385c3634d88d44ad692324c76b0ed4cf6e2e785b07b784d0a7ecbeef6145a20380ded0768b22618ae32471ac0b3f391ebb517ac28c2a92b11acb0e1117beab257068b9f24d5b87ed8c9d4d6caa76ad1f5f48a86d6b0bdd3fa76ad524455eafb5ed7121e6b81ebc102813f06c2d0237ef86156954e320a980e82790214eddb07be3dcbb291551ffa9e7cf8846d23af5e22afea12469f1d9c76bc4e23a69935dc1195606023a1c33ebeccac82c19b1952490f77c1447ebed360ec373a3786aa0afc42dee6a4ee805bdae07ef7038eb3e378ebd4dac5f56995e522cd8398a0d744a9fbcb100397d7426a9805bdfea8579e9819e7b4c404626e5e7e5bc9c3d94ce451420c29381393bfe8855eddf6983ac963f1f8631de3f2f534d18af87af319465ac7c03eafdfca89444e61e3a85189bc8e0e1fc0641b0846e2dfecc67ef582a7b7eb3c88fb97ab1b4252aff05e3ec30b7cbf15aa8dd60c4ef17787a61b25f98b3606caf6b8df5e25a094bad085e3d71a0b230767dffbec038a19a2ef6c78b5da4cbbc78860df5269c2eaed6696861f1b3ae46c92d858f342895415f5c675bcb083325d96d52ff15ad1ffa6cd69d89977b9bf3c93396b55c039e418ef008cc00939a981098047bdb03a586703d27c48f2a145f7d4b529fb0b65ba2c2e4e0695ecfeeeea10e39255c0fdb2399d1c46920891dcd8626114b0e9c96beeeb2bbeb764ee207f1df1ad1835557814ceea3201d8c625498553bc70b0d1290b67dfb1cb720a840ec2e6c91aca767fb4f10d00e9e40ceb27335b456e650bffe17eb5a3791c8684034d762f303b535a800ba9daeee234b25306fad643afeadd201f29f8c09691301253336210d2e123c40e56f862f06e1d8c7b72312c68a47c83b0e4e0041f17e82a601a06049a35d1346393500aa18f6457e05b0a0a640683cbfed281387621b683816880d7cc1c5e3ae0ad3147a2b51dc924479303fbd18f41eb1354c3f85ecbdd9825253c684178fadbbf23fbb87a904edf4b8aefcc32a35a8be1ad8407306cf89929d51489886e4e9941fd54c88cd8f130aff13ecc7d3bd5e0365222a39df24cfc1424537fa665eeb0763500f06455e1c38cb08089118ca25c55943d0e2b951bfe63e4185b9150201ee693a5345ddf6ed4b8406effed33f34d91d44583dfd7fb2acb2287c90d01ade0271d4211366e48c741e88d8ea9af1443d4e6cf303440db8b2a8e962c2549bb26b754b2349889a32047265755b46c2c3f01704ecdb83e5c2c5b3cba60a716503c127e9c821d27a88e7b224ce77a2297a3592607c28ccbfd5387f6154cc6b6742a2da59ca5253761116774dfc933a404560696bc8db980048203a5b8b4908c5fd7cefa6ecf1b5633ad841138b671e4586744750e48744228afbe9de4b2b71009f10200c8beeb9d0fd0f21d27aded9e64050f0ebde80aea6fd660a15c10cc24094fb8cfc9dc62ca85866769e48d63bf44ef3d464e4aa9e56f721b4a60bad1888084d89e96de442379d1286eef7e05cd7e6e158c70942347f042771e116ca226d11f9433ecd760b83a5c4f8c0c5124fbfcc9aede723031b58c4a746a1dd306ce7e0e75d6cf85657dd63f379b4f674520a18ad872d6ccb8975c89f951f0ddc5696d294feb544ba8ef61a771c9a1b650888515ef8b8b231620751eadab5da041fa2e418e38183c74dfd2e839dba60029e6c5ae12fe3c2dd5479a94738857c0fcf7b26b5e69972a9b35fb86b3200e6d21144d44c7d30976a735c65da398ab7e97b657fbc75f169dacdc3273b9b901fb36831eec723a76ea757f2e7861c9d933fc187f113656b172f5c40eb769649d3d901e0f1c947cc828a83062baab93c236065e8b041328feb8daf8c4aafcfb16a36e3c1472225c95c74b4cbc93a63cf867ec4456b05b7a550d7d2488a043a5da8ea888070761c6e77ac9bdb44e80930bb2c713ac730ebfded686238908faf4e33f6fa91ac392b2d4fb2a717c4a135fe6d0b7653f981e8da734ac276c14da6851ee11c8b70f0d857f3413a41a3cda0992aec80e78bc3321acc1816ee7c6f73b3a074f564df3284d784c8d505afd76c007cb49d51d7cf2d522c4a77877d1cadade0c3d1936b3db9d274f58f76256b36d80a57381505fb3546526ae5fc4318ff08015913f59a111cf219359aa2fba79df05c8a1baad4c920edfac11d69085ed31931ce8007e85b7f2d46af2fa46125d22192dc9fff5de16f34bd38eebedf6cbd45a441a5eb5df792161630b03987338e1adddc3782d1672eb1b81644b1dbeb0dddad606404955bf19525fe7ecfaf941afb6a6b2a1c7bfd73b935a455f341bb865206f620c02e9b94d0a78cbe59594536bbfb4c7f03de3623981291e944294a902cdecae35d355149f11da8c9c69d322ebd50404e2e85b42ea6cdfec5e0059c8e65ac7aab4d8178ab551ee870da96c21151e30c5cd64c3d9f7d2ddba539f9288b6274cfbfb6fe5ffd991eb6bf4027133bbb893759a42769f2fe8d03eca9ed4106523e13e08a73feb4e777b47236e71dcdd90c21fcf70d7e92a0ba6733c8259962fdf2fbf7758b03ade3cb4e3ac7b040e350280149a6bccef4f1d7f90fe80f9325b8f3a420744bda11079f3094539818f6742e1fa725a8d3e9fbf1e3f3d77423c3aece450d264af40e9c5810082c37f788a11d6fe85518fac608c4823f6a4545ddedd56b4b1ce6c3c9f644b9aa809dfbf8a9b26bdfd102602b7f5e5619090928f7a0f1de0dc6250400800dc65db37f8d1917aba20f4e63ecf799c9eff054cbd890d7a7d8c0bea5a123a65269d90ac80fcc49911db4737d6d7698be8120016a45104548de9e0910776bee30d4f36adb2e26f96eeb23b938e73a70e4e02d808ece98599ca6c2ca9500c1e640c7448f778dda303ebffa6b4da51981008da3eea65ad16e4e0286dc2a925516688f6ce29f9199deb28f4ccf44b855da2d42d6b8e35eeec313f994b4e375a168e6666f3453466c300f2cb9266f81206472842dd76b9820f8ce41154137c4c502318b86ef7f11132039e9f0e1ef6be2085e7679118a0b11ba6f9d76d0b097280db7f426a08f17666fc9746aa8fd56f7862f327789ed5b409ceb58573dc9947742af0e90a13c9743d47d2961df2d54b5b9965277389e8c6ac7770fa7a5aa54811c9847bea0e8e5d3fa42d1f53cbc195b584aa85c1bc54e61d240b2dee20e113d1e257cda7947a0000c92c7e17d3f33107d8019191db46b5b05c35148580b81d85719aea7cab2bc8be99aead4477ec3a68fe405a74a2c06f386abea0c7ce3f8fb376a716839b0b7abb47babd8d219ca0f83f20ec8660b2bf40dae72464b2e42527490ed83fdcb1f1977fa6d9ebc1ed6732f6cd2105d765999ab43efb62c2424699819e5ba14f539722d1aca3922c0c96480696454ab88e10f061b305e7ce59d4ead57993d2a526d5b39bbb843329fa488", 0x1000, 0x6a13}], 0x10000, &(0x7f0000000280)='cpusetwlan0\x00') inotify_init() r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpeername$packet(r1, &(0x7f00000001c0), &(0x7f0000000380)=0xce) socket$unix(0x1, 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, 0x0) shmget(0x2, 0x4000, 0x7800061f, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x10000101) perf_event_open(&(0x7f00000002c0)={0x7, 0x70, 0x35, 0xd4, 0x4, 0x2, 0x0, 0xfcf, 0x8800, 0xf, 0xa0bd, 0x7, 0x3, 0x9, 0x0, 0x401, 0x9, 0x1f, 0x380000000000000, 0x5, 0x3f, 0x9, 0x8000, 0x1ff, 0x9, 0x80, 0x0, 0x34d, 0x8f, 0x1, 0x4, 0x3, 0x10001, 0x7fff, 0x0, 0x8, 0xdca0, 0x73e8, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x4, 0x3ff, 0x7, 0x3ff, 0x3, 0x10001}, 0x0, 0x7, r3, 0xb) 14:44:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x20000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 305.136203] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 305.178854] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 305.228687] Interruptibility = 00000000 ActivityState = 00000000 [ 305.255789] *** Host State *** [ 305.267503] RIP = 0xffffffff811c8cac RSP = 0xffff88805afb78c0 [ 305.278631] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 305.287249] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 305.302222] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 305.308336] CR0=0000000080050033 CR3=0000000092315000 CR4=00000000001426f0 [ 305.323413] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 305.328353] ceph: device name is missing path (no : separator in /dev/loop0) [ 305.348384] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 305.354747] *** Control State *** [ 305.358371] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 305.365490] EntryControls=0000d1ff ExitControls=002fefff [ 305.371233] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 305.378178] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 305.378187] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 305.378194] reason=80000021 qualification=0000000000000000 [ 305.378200] IDTVectoring: info=00000000 errcode=00000000 [ 305.378207] TSC Offset = 0xffffff5a4715ec75 [ 305.378216] EPT pointer = 0x00000000a980101e 14:44:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x5421, 0x0) 14:44:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xe7ffffff, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:43 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 305.572032] *** Guest State *** [ 305.589095] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 305.620191] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 305.649334] CR3 = 0x0000000000000000 [ 305.661324] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 305.678294] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 305.692522] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 305.708834] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:44 executing program 0: sendmsg$alg(0xffffffffffffffff, 0x0, 0x4000010) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = memfd_create(0x0, 0x0) pwritev(r0, 0x0, 0x0, 0x881806) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pwritev(r1, &(0x7f0000001380)=[{&(0x7f0000003040)="02", 0x1}], 0x1, 0x0) fallocate(r1, 0x20, 0x0, 0xfffffeff000) r2 = open(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x3, 0x70, 0x81, 0xfffffffffffffff9, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe34, 0x8, 0x8, 0x0, 0x0, 0x39, 0x8, 0x10000, 0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x507, 0x10001, 0x0, 0x0, 0xe5e, 0x7, 0x8, 0x80000001, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x4800, 0x400, 0x0, 0x0, 0x400, 0x0, 0x9}, 0x0, 0x6, r2, 0x2) pwritev(r2, &(0x7f0000001380)=[{0x0}], 0x1, 0x0) poll(&(0x7f0000000340)=[{r1, 0x8000}], 0x1, 0x3) fallocate(r2, 0x20, 0x0, 0x0) syz_open_pts(r1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0) syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f00000000c0)='./bus\x00', 0xfff, 0x3, &(0x7f0000000200)=[{&(0x7f00000003c0)="3f18fad568066f133bd429591f4183bbaa02e0f4c313b70b0a6aa1fa497d031b311621c7631ee85a545f8e4101e3706aa95e019becadb25af85d52292733b27120be43783c4bb868b306acc192cda6ce93c4466a5fc49dfb1eaa1a65d934db176a26b5afe9e2a675443bdfc508c3615190fdcea04c121d62fc900af80556e9d53679fc1c4d9ad4cc879bf8f976012fe86515da687879d60977226e5490d0625be2e57bbeaa404bd326b7a57075198e73bff433aa174602992f45669e708bb4319a7248f39d4c22e1d78f7991a80337487f3d32f0933949f791437d8e", 0xdc, 0x4}, {&(0x7f0000000180)="669257a24a3e1be1234c26551204e8eb18d6c38e30a1794ac9ec6b383e5b43e43c647269ee4f910f", 0x28, 0x200}, {&(0x7f0000002040)="2c32a51e2a5a4ee31fd7cbd8ca58db6fd36797fc17d1d57ea9d74c778a71c2ddfbdd67464912e6f70bcee28d45905c0f6d74eed3c5081b549f69343e32b4256aa4c345449a4a1906a4b9fe21e0fcd9b5489048182c9446bb38fb92c58158e7f79295ff7063ca00e4326d6825ceb41c2d5124721245a93ff3fcad42e375f7dd3620b31e25e7fb1f2fe6f5bcc9eb8a5a48aa2f554342c5d0b8c17adde795dd7be9bb970aa05be2f4caf9e46eebb1ddf68607e45df1c3b787ba86b27fd53b8587909d8f3a16cc50f6d9a6c8d5aeb7ec6d38426525ab717c6cbd7a88897396e1543d805c9ee8b4210ed2385b9ecb87b7b690a62190de1d0b48a36e2aac26471b891e21fa7be10577a434dab0e74f1da4cfe4fe1604f0c34278ff4fd4512d68b5c7a8e70275d9f03d7207925455f5bfb2ef7804fddedd5535cb50b26d118927fa2f0ad97682c38fa47570cbba4673572d8a8e7113d78019c3a438472775a923c0f09dc9ff9b5282cd8e8f383c16c3dba2204a167aef53d0f10b01c7a2d71184d05009db047e6a6f97d26726af1e62a2b86f1a82d81bd12b93bcb1fd8dc44f8d31f4b90c472b74ed5c2ba9ec9d91470e4b8c64cb620c4edb3ba8fc8e5b36ffe8807e439925475a81ceb08c116f88b54e38a2d42b725cc2b1c4496cdbd5b03ac49154e5b2196f9ccde0d1fc8ddde46c59119fff7dcb2fc59f5a9183ebc6ce5ec0bb61cdd6a9bbc02483aab82e235c47988f0e266a44db53707f094d3712f8678d5094631d470d953441d19fe3d36b570c901c5900894cb3f5d161bf2ee7675addabcbc63c932d7f56a0feb7bceaab6ccd0c37937d4264d2549f5749d8b97b0a0a1523b7c0163202db68a7c31012ff3f01ff30c40460fcb324584b386785b4a1359e801b287dc13866b6e817cfaa301ca2e0dfbe7dc9d744738bec72d15bee5117c82313dec71db61c449a606afbaea44c67e73c4954605709331864a57e6213a0f5421ff9cbd36f18db1fda69f68004b405aed0670c378c03c1c1ad3a5353fdac2c6fc287499743bdd0f43062979f9bc51ed9fe15075cb2629d9892776bc47a49d4fb5b96876b8ba894258b685ab2803cb64169b2349a7e78ab3d306baef898cc2020acb6a55aa8a36758b0150dc0af54fa88d7c842f37f12a0fe4c286d46023861cd9db69e7201d403a49a1acdb3ee11933b71e7cd714b8b9f436de26910f387562a598ef9246a4af9d432f9c00998aedaf921cdc507f5455368f798613f67f5c8a717c6793aecf19760de8dbd7a735325168418065a176e31079a85e0345817d1ebb935ff8c66e9e9fbb82c17ce457ea1569427b647377ac07de188e0a4d1643d05b13ce5a7e22497c350a0bb423eb5c040599ae91fa36123dde77d410805d4050e89d4e677a724d629e85c58b6f6b61b46f19ba31bc3d77a82f1bd26e72dcdb9d7e646407c490e8e47852f09b3d2c5d638c7bea3d547c65090b3e69e5a9a00bbfadb8ef98e1b4c28374ea0f36347d06ff44c1e12680b6dedd33386c6488441a8e03af038dfc15fe49d8c290dd9a014d8604b68e664115b66869060e92b73aa7361111aa28d95ce365772903fb0a983967d949d6a4c95e954460b45f22896e8433d1769db5b3c3716f34cca04b94cf81122a8a1132d2fbe52578ec6f417581e1eeb53174686b1b76de9c385314c01644e6569fb99d2e1064132d471a721d95ba25916ab59b922a022838ef48720a5d0940209113898cc3b70d02ad6545d77dc35db68d65b228559493bac91ae5eabe5b4c48b52ac2bea321148fa434ba9cdbed92f25b9b85a380871dbedec6bca3394b5f5213ba698857d27f2ec03921c53c708f532929112ee23e62afaaa67a20e9fae8c62e7c58691dc0ed571a2f4f10f733f327c95b65525dc611d35cb25620da31ba7f5424cea415ff87615f7ed8722740f34f6d2d4710ca580f1eeea1269672aecdd1445b42105400c67c32089d77dcaa342333af712f0fc42045c1905a17c90711a065a5d5b6ddc35631cb91106f2adc5aed8461314023362ec715b79e229ec5a90d32089911250fadacc2d9624d4588fa8f46220041ddada732c947a3fd0b355c427dcb24ffe7608191cf034ef156e78acc9834c258a649b4f5de751c8b19df3baf46f317290b760e4c08cc506757cd16df98bdf1214d32ec974111290286f156d57db01f0d4f8865363cd913d2e719a663207e389bd1d407793a846d1d21308618f1cb234731200cda73bb26c7714ae3761485f6cab6805f632ca58eaa72bba30cd1fb1792da05f53db5cb25230c67a01ed36bf96f9cfa67da61eaac04df8acd7f29aa81c385c3634d88d44ad692324c76b0ed4cf6e2e785b07b784d0a7ecbeef6145a20380ded0768b22618ae32471ac0b3f391ebb517ac28c2a92b11acb0e1117beab257068b9f24d5b87ed8c9d4d6caa76ad1f5f48a86d6b0bdd3fa76ad524455eafb5ed7121e6b81ebc102813f06c2d0237ef86156954e320a980e82790214eddb07be3dcbb291551ffa9e7cf8846d23af5e22afea12469f1d9c76bc4e23a69935dc1195606023a1c33ebeccac82c19b1952490f77c1447ebed360ec373a3786aa0afc42dee6a4ee805bdae07ef7038eb3e378ebd4dac5f56995e522cd8398a0d744a9fbcb100397d7426a9805bdfea8579e9819e7b4c404626e5e7e5bc9c3d94ce451420c29381393bfe8855eddf6983ac963f1f8631de3f2f534d18af87af319465ac7c03eafdfca89444e61e3a85189bc8e0e1fc0641b0846e2dfecc67ef582a7b7eb3c88fb97ab1b4252aff05e3ec30b7cbf15aa8dd60c4ef17787a61b25f98b3606caf6b8df5e25a094bad085e3d71a0b230767dffbec038a19a2ef6c78b5da4cbbc78860df5269c2eaed6696861f1b3ae46c92d858f342895415f5c675bcb083325d96d52ff15ad1ffa6cd69d89977b9bf3c93396b55c039e418ef008cc00939a981098047bdb03a586703d27c48f2a145f7d4b529fb0b65ba2c2e4e0695ecfeeeea10e39255c0fdb2399d1c46920891dcd8626114b0e9c96beeeb2bbeb764ee207f1df1ad1835557814ceea3201d8c625498553bc70b0d1290b67dfb1cb720a840ec2e6c91aca767fb4f10d00e9e40ceb27335b456e650bffe17eb5a3791c8684034d762f303b535a800ba9daeee234b25306fad643afeadd201f29f8c09691301253336210d2e123c40e56f862f06e1d8c7b72312c68a47c83b0e4e0041f17e82a601a06049a35d1346393500aa18f6457e05b0a0a640683cbfed281387621b683816880d7cc1c5e3ae0ad3147a2b51dc924479303fbd18f41eb1354c3f85ecbdd9825253c684178fadbbf23fbb87a904edf4b8aefcc32a35a8be1ad8407306cf89929d51489886e4e9941fd54c88cd8f130aff13ecc7d3bd5e0365222a39df24cfc1424537fa665eeb0763500f06455e1c38cb08089118ca25c55943d0e2b951bfe63e4185b9150201ee693a5345ddf6ed4b8406effed33f34d91d44583dfd7fb2acb2287c90d01ade0271d4211366e48c741e88d8ea9af1443d4e6cf303440db8b2a8e962c2549bb26b754b2349889a32047265755b46c2c3f01704ecdb83e5c2c5b3cba60a716503c127e9c821d27a88e7b224ce77a2297a3592607c28ccbfd5387f6154cc6b6742a2da59ca5253761116774dfc933a404560696bc8db980048203a5b8b4908c5fd7cefa6ecf1b5633ad841138b671e4586744750e48744228afbe9de4b2b71009f10200c8beeb9d0fd0f21d27aded9e64050f0ebde80aea6fd660a15c10cc24094fb8cfc9dc62ca85866769e48d63bf44ef3d464e4aa9e56f721b4a60bad1888084d89e96de442379d1286eef7e05cd7e6e158c70942347f042771e116ca226d11f9433ecd760b83a5c4f8c0c5124fbfcc9aede723031b58c4a746a1dd306ce7e0e75d6cf85657dd63f379b4f674520a18ad872d6ccb8975c89f951f0ddc5696d294feb544ba8ef61a771c9a1b650888515ef8b8b231620751eadab5da041fa2e418e38183c74dfd2e839dba60029e6c5ae12fe3c2dd5479a94738857c0fcf7b26b5e69972a9b35fb86b3200e6d21144d44c7d30976a735c65da398ab7e97b657fbc75f169dacdc3273b9b901fb36831eec723a76ea757f2e7861c9d933fc187f113656b172f5c40eb769649d3d901e0f1c947cc828a83062baab93c236065e8b041328feb8daf8c4aafcfb16a36e3c1472225c95c74b4cbc93a63cf867ec4456b05b7a550d7d2488a043a5da8ea888070761c6e77ac9bdb44e80930bb2c713ac730ebfded686238908faf4e33f6fa91ac392b2d4fb2a717c4a135fe6d0b7653f981e8da734ac276c14da6851ee11c8b70f0d857f3413a41a3cda0992aec80e78bc3321acc1816ee7c6f73b3a074f564df3284d784c8d505afd76c007cb49d51d7cf2d522c4a77877d1cadade0c3d1936b3db9d274f58f76256b36d80a57381505fb3546526ae5fc4318ff08015913f59a111cf219359aa2fba79df05c8a1baad4c920edfac11d69085ed31931ce8007e85b7f2d46af2fa46125d22192dc9fff5de16f34bd38eebedf6cbd45a441a5eb5df792161630b03987338e1adddc3782d1672eb1b81644b1dbeb0dddad606404955bf19525fe7ecfaf941afb6a6b2a1c7bfd73b935a455f341bb865206f620c02e9b94d0a78cbe59594536bbfb4c7f03de3623981291e944294a902cdecae35d355149f11da8c9c69d322ebd50404e2e85b42ea6cdfec5e0059c8e65ac7aab4d8178ab551ee870da96c21151e30c5cd64c3d9f7d2ddba539f9288b6274cfbfb6fe5ffd991eb6bf4027133bbb893759a42769f2fe8d03eca9ed4106523e13e08a73feb4e777b47236e71dcdd90c21fcf70d7e92a0ba6733c8259962fdf2fbf7758b03ade3cb4e3ac7b040e350280149a6bccef4f1d7f90fe80f9325b8f3a420744bda11079f3094539818f6742e1fa725a8d3e9fbf1e3f3d77423c3aece450d264af40e9c5810082c37f788a11d6fe85518fac608c4823f6a4545ddedd56b4b1ce6c3c9f644b9aa809dfbf8a9b26bdfd102602b7f5e5619090928f7a0f1de0dc6250400800dc65db37f8d1917aba20f4e63ecf799c9eff054cbd890d7a7d8c0bea5a123a65269d90ac80fcc49911db4737d6d7698be8120016a45104548de9e0910776bee30d4f36adb2e26f96eeb23b938e73a70e4e02d808ece98599ca6c2ca9500c1e640c7448f778dda303ebffa6b4da51981008da3eea65ad16e4e0286dc2a925516688f6ce29f9199deb28f4ccf44b855da2d42d6b8e35eeec313f994b4e375a168e6666f3453466c300f2cb9266f81206472842dd76b9820f8ce41154137c4c502318b86ef7f11132039e9f0e1ef6be2085e7679118a0b11ba6f9d76d0b097280db7f426a08f17666fc9746aa8fd56f7862f327789ed5b409ceb58573dc9947742af0e90a13c9743d47d2961df2d54b5b9965277389e8c6ac7770fa7a5aa54811c9847bea0e8e5d3fa42d1f53cbc195b584aa85c1bc54e61d240b2dee20e113d1e257cda7947a0000c92c7e17d3f33107d8019191db46b5b05c35148580b81d85719aea7cab2bc8be99aead4477ec3a68fe405a74a2c06f386abea0c7ce3f8fb376a716839b0b7abb47babd8d219ca0f83f20ec8660b2bf40dae72464b2e42527490ed83fdcb1f1977fa6d9ebc1ed6732f6cd2105d765999ab43efb62c2424699819e5ba14f539722d1aca3922c0c96480696454ab88e10f061b305e7ce59d4ead57993d2a526d5b39bbb843329fa488", 0x1000, 0x6a13}], 0x10000, &(0x7f0000000280)='cpusetwlan0\x00') inotify_init() r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpeername$packet(r1, &(0x7f00000001c0), &(0x7f0000000380)=0xce) socket$unix(0x1, 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, 0x0) shmget(0x2, 0x4000, 0x7800061f, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x10000101) perf_event_open(&(0x7f00000002c0)={0x7, 0x70, 0x35, 0xd4, 0x4, 0x2, 0x0, 0xfcf, 0x8800, 0xf, 0xa0bd, 0x7, 0x3, 0x9, 0x0, 0x401, 0x9, 0x1f, 0x380000000000000, 0x5, 0x3f, 0x9, 0x8000, 0x1ff, 0x9, 0x80, 0x0, 0x34d, 0x8f, 0x1, 0x4, 0x3, 0x10001, 0x7fff, 0x0, 0x8, 0xdca0, 0x73e8, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x4, 0x3ff, 0x7, 0x3ff, 0x3, 0x10001}, 0x0, 0x7, r3, 0xb) 14:44:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfecaedfe, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:44 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) gettid() tkill(0x0, 0x1000000000016) tkill(r0, 0x16) 14:44:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x5450, 0x0) [ 305.728130] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 305.760741] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 305.830876] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 305.854107] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfeedcafe, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 305.876718] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 305.895150] GDTR: limit=0x00000000, base=0x0000000000000000 [ 305.913777] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 305.934695] IDTR: limit=0x00000000, base=0x0000000000000000 [ 305.950745] ceph: device name is missing path (no : separator in /dev/loop0) [ 305.966338] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:44 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 305.998753] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 306.030143] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 306.041916] Interruptibility = 00000000 ActivityState = 00000000 14:44:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 306.056734] *** Host State *** [ 306.070825] RIP = 0xffffffff811c8cac RSP = 0xffff88805b8e78c0 [ 306.110054] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 306.156928] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 306.190433] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 306.206784] CR0=0000000080050033 CR3=00000000a56e2000 CR4=00000000001426f0 [ 306.224919] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 306.234027] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 306.257149] *** Control State *** [ 306.279813] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 306.293845] EntryControls=0000d1ff ExitControls=002fefff [ 306.309355] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 306.320085] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 306.328820] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 306.359221] reason=80000021 qualification=0000000000000000 [ 306.372652] IDTVectoring: info=00000000 errcode=00000000 14:44:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x5451, 0x0) 14:44:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xffffffe7, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:44 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x171000, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000400)='/dev/snd/controlC#\x00', 0x8, 0x2000) r2 = fcntl$dupfd(r0, 0x0, r1) r3 = socket$inet(0x2, 0x6, 0x10000) ioctl(r2, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070") r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) write(r5, &(0x7f0000000280)="a2", 0x1) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000440)={0x6, 0x2, 0x1}) sendmsg$TIPC_NL_NET_GET(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="40010000", @ANYRES16=r6, @ANYBLOB="00042dbd7000fedbdf250e000000280006000400020004000200080001000500000004000200040002000400020008000100010000001c000600080001000104000008000100ff0f00000400020004000200180006000400020008000100c800000008000100ffffffff1400070008000100020000000800020000020000100004000c00010073797a31000000003c00010038000400200001000a004e20000000089db1d1d4b4c4d6b5c2f5ab926517d820feff29ff1400020002004e227f0000010000000000000000180006000400020004000200080001000100000004000200580005004c00020008000400dd0a00000800030003000000080001001e000000080002000800000008000400050000000800040000800000080002000000000008000300b200000008000400090000000800010069620000"], 0x140}, 0x1, 0x0, 0x0, 0x48801}, 0x4000) r7 = accept(r4, 0x0, 0x0) sendmsg$TIPC_CMD_RESET_LINK_STATS(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, 0x0, 0x0, 0x0, 0x0, {{}, 0x0, 0x410c, 0x0, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x48000) close(r5) [ 306.378469] TSC Offset = 0xffffff59b4191173 [ 306.386425] EPT pointer = 0x000000008992c01e 14:44:44 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 306.528890] *** Guest State *** [ 306.545505] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:44:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x5452, 0x0) [ 306.593599] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 306.616307] CR3 = 0x0000000000000000 [ 306.625806] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 306.643008] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:44:45 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) gettid() tkill(0x0, 0x1000000000016) tkill(r0, 0x16) 14:44:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 306.698647] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 306.751474] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 306.778990] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 306.789940] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:44:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x500000000000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x5460, 0x0) [ 306.814631] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 306.832350] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 306.881060] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 306.909421] GDTR: limit=0x00000000, base=0x0000000000000000 14:44:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 306.954390] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 306.969950] IDTR: limit=0x00000000, base=0x0000000000000000 [ 306.982844] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 307.031138] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 307.038814] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 307.069985] Interruptibility = 00000000 ActivityState = 00000000 [ 307.076427] *** Host State *** [ 307.086894] RIP = 0xffffffff811c8cac RSP = 0xffff88805a17f8c0 [ 307.094527] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 307.102373] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 307.111089] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 307.117440] CR0=0000000080050033 CR3=000000009f58e000 CR4=00000000001426f0 [ 307.124983] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 307.132502] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 307.139393] *** Control State *** [ 307.143279] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 307.151312] EntryControls=0000d1ff ExitControls=002fefff [ 307.156812] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 307.163928] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 307.170905] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 307.177702] reason=80000021 qualification=0000000000000000 14:44:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x40049409, 0x0) 14:44:45 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) [ 307.184107] IDTVectoring: info=00000000 errcode=00000000 [ 307.189902] TSC Offset = 0xffffff59324f0f74 [ 307.194605] EPT pointer = 0x00000000a166701e 14:44:45 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x74, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d8652b167b9c5500142f00fe6e00000000000000000d00000000aafe8000000000000000000000000000aa01000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000040)={0x0, 0x1000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000140)={0x10}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$netlink(r0, &(0x7f0000000000), &(0x7f0000000180)=0xc) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x0, 0x0) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000200)={{0x2, 0x4e24, @multicast2}, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x2, {0x2, 0x4e21, @loopback}, 'ifb0\x00'}) add_key(0x0, 0x0, &(0x7f00000000c0)="3058020af10cb8b56c96d27c44d58e94ea51a7dfc59e92e80d9482ca7839173a8f1143a711f5a939b4fd0072693a46c08df6616dd21be3453ecf73039a20f43acbc5376139a9070ae27dd847474d1e59b2697801e6ebd80f75ca", 0x5a, 0xfffffffffffffffd) sched_setscheduler(0x0, 0x0, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000280)='fou\x00') 14:44:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xe7ffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 307.335679] *** Guest State *** [ 307.339479] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 307.358922] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:44:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) [ 307.393396] CR3 = 0x0000000000000000 [ 307.399582] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 307.422686] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:44:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 307.458647] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 307.499013] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 307.523210] audit: type=1400 audit(1555339485.957:138): avc: denied { getattr } for pid=12085 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 307.566100] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:46 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x0) tkill(r0, 0x16) 14:44:46 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x74, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d8652b167b9c5500142f00fe6e00000000000000000d00000000aafe8000000000000000000000000000aa01000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000040)={0x0, 0x1000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000140)={0x10}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$netlink(r0, &(0x7f0000000000), &(0x7f0000000180)=0xc) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x0, 0x0) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000200)={{0x2, 0x4e24, @multicast2}, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x2, {0x2, 0x4e21, @loopback}, 'ifb0\x00'}) add_key(0x0, 0x0, &(0x7f00000000c0)="3058020af10cb8b56c96d27c44d58e94ea51a7dfc59e92e80d9482ca7839173a8f1143a711f5a939b4fd0072693a46c08df6616dd21be3453ecf73039a20f43acbc5376139a9070ae27dd847474d1e59b2697801e6ebd80f75ca", 0x5a, 0xfffffffffffffffd) sched_setscheduler(0x0, 0x0, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000280)='fou\x00') [ 307.610410] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 307.628942] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 307.650749] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfdfdffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) [ 307.658862] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf6\x17s\'C\xe3\x97\xb8\x9f&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0) write$UHID_GET_REPORT_REPLY(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, 0x4001008002}, 0x219) connect$bt_sco(r1, &(0x7f0000000040)={0x1f, {0x100000000, 0x800, 0x4, 0xf07, 0x8000, 0x9}}, 0x8) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x12, r1, 0x0) ioctl$FS_IOC_GETFLAGS(r1, 0xc020660b, &(0x7f0000000000)) 14:44:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) [ 307.734957] GDTR: limit=0x00000000, base=0x0000000000000000 [ 307.798442] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 307.829389] IDTR: limit=0x00000000, base=0x0000000000000000 [ 307.846529] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 307.893040] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 307.912959] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 307.937314] Interruptibility = 00000000 ActivityState = 00000000 [ 307.955408] *** Host State *** [ 307.962530] RIP = 0xffffffff811c8cac RSP = 0xffff8880576078c0 [ 307.968751] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 307.977134] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 307.986295] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 307.992387] CR0=0000000080050033 CR3=00000000a4214000 CR4=00000000001426f0 [ 307.999558] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 308.006560] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 308.012931] *** Control State *** [ 308.016401] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 308.023262] EntryControls=0000d1ff ExitControls=002fefff [ 308.028937] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 308.036450] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 14:44:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:46 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfecaedfe00000000, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:46 executing program 0: getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@multicast2, @in=@local}}, {{@in=@dev}, 0x0, @in6=@dev}}, 0x0) r0 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/attr/current\x00', 0x2, 0x0) r1 = dup3(0xffffffffffffffff, r0, 0x10000000000) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, &(0x7f0000000280)) getresgid(&(0x7f0000000900), &(0x7f00000004c0), &(0x7f0000000940)) fstat(0xffffffffffffff9c, &(0x7f0000000880)) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) ioctl$SIOCX25GDTEFACILITIES(r1, 0x89ea, &(0x7f0000000a00)) fchdir(r2) prctl$PR_GET_FP_MODE(0x2e) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f00000005c0)={0x1, 0x2, 'client0\x00', 0x4, "01ee703c0b4babb8", "b811ff0c6e3b92b0f2ff316dd7514d4c7111f0e20c0b8775ccb40c648cbb7414", 0x7, 0x200}) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="0000000000000000faff070000ee8b08b7960ff7aa6e041c7700fdf0058058aa0063b8f24252b12a1fa366f29396eba2e50ca8cb4ef092d85cbf1d0000000038f70f653f0ffb09f0d536b564df5e0a9e0e09251d3534da91b5b9fb50080000000000000063e232b9b2500fb1d96033ccfdff0664cffcf15c937d1aa65d6b9917694df4616dc0e90ee3ccd44758f0c6e5591505091f60c360c09df5658ba53071461fe70cd72eb04e3079e4765fc04301a86f2cfed0bbf9d52fc19dd06bee71535dc608d068156d991f79125e1994cc686e0539e1c6519c6c0de67b21ec0d3b956fb5756e4deadf01d044fc1b1091933653539af7fef0bfd909d97912c5ae513d9fb72cdfbb420948a73104e396c41ea3ff557d77367039b41ca8f60e51d0f5c485ffe9efa063c7b08c89b6be7ebcbbb88487fed182943c2f87259049fa93dc84afb9a314d2459b31712596cf271e38a0b59e42f87cd17ca423660fba26c1694112f6a276cda961"], 0x157) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f0000000700)={0x6, 0x100}) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180)='nbd\x00') sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000780)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000240)={0x38, r4, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x401}, @NBD_ATTR_SOCKETS={0xc, 0x7, [{0x8, 0x1, r3}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x80c0}, 0x4004000) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000000040)='./bus\x00') sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x61, &(0x7f0000000680)={'filter\x00', 0x4}, 0x68) mkdir(&(0x7f0000000580)='./bus\x00', 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f00000000c0)=0x40, 0x4) 14:44:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x40086602, 0x0) [ 308.043681] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 308.050496] reason=80000021 qualification=0000000000000000 [ 308.057039] IDTVectoring: info=00000000 errcode=00000000 [ 308.062948] TSC Offset = 0xffffff58c1f81911 [ 308.067415] EPT pointer = 0x00000000a166701e 14:44:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xfffffffffffffdfd, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x40087602, 0x0) 14:44:46 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x0) tkill(r0, 0x16) 14:44:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0xffffffffffffffe7, 0x0, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:47 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 14:44:47 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x2, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:47 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x5, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:47 executing program 0: syz_emit_ethernet(0x7e, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800450000700000000000019078ac7014bbac1414110b06907800000000450000000000000000890000ac1414aaac141400444000000000000000000000e000000200000000e000000100000000000000007f000001000000ffffffff00000000e000000100000000ac1414000000000000"], 0x0) 14:44:47 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xe7, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) [ 309.217206] *** Guest State *** [ 309.230138] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 309.312904] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 309.328956] CR3 = 0x0000000000000000 [ 309.339987] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 [ 309.346953] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 309.371741] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 309.378667] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 309.392409] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 309.402565] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 309.411154] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:47 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x0) tkill(r0, 0x16) 14:44:47 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x500, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:47 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 14:44:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x80) getsockname$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000240)=0x1c) r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @empty}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0x20}, 0xc) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="7f456b460000000000000000000000000000000000000000000200da000000004000000000000000000000000000000000000000000038000000000000001000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060a8a89e4c42e4d6c277e94a9e5a43b7c81a4d76f4237de33ff437b6a911083d9cc90599f8258773eec27d8c9268e03b71468403de24dbe6c63c759ddec48df7e1b8951ae8002b922ec2938c0e30319fef3757d0970c80d1"], 0x78) [ 309.419541] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 309.429207] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 309.437797] GDTR: limit=0x00000000, base=0x0000000000000000 [ 309.447065] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 309.522562] IDTR: limit=0x00000000, base=0x0000000000000000 14:44:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6(0xa, 0x1, 0x0) r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x0, 0x0) ioctl$int_out(r1, 0x2, &(0x7f0000000000)) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, 0x0, 0x20000000) poll(&(0x7f0000000040), 0x20000000000000e5, 0x0) read(r0, &(0x7f0000000080)=""/94, 0x5e) 14:44:48 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x2000, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) [ 309.569275] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 309.593582] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 309.678797] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 309.713161] Interruptibility = 00000000 ActivityState = 00000000 14:44:48 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xe7ff, 0x0, 0x0, 0x0, 0x15182c}}}) [ 309.729236] *** Host State *** [ 309.740261] RIP = 0xffffffff811c8cac RSP = 0xffff88805b53f8c0 [ 309.755057] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:44:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) [ 309.808890] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 309.845691] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 309.876165] CR0=0000000080050033 CR3=0000000080e53000 CR4=00000000001426f0 [ 309.899561] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 309.908956] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 309.921769] *** Control State *** [ 309.925397] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 309.947156] EntryControls=0000d1ff ExitControls=002fefff [ 309.964030] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 309.999158] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 310.024369] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 310.035814] reason=80000021 qualification=0000000000000000 [ 310.043296] IDTVectoring: info=00000000 errcode=00000000 [ 310.049627] TSC Offset = 0xffffff57c355ea5f [ 310.058315] EPT pointer = 0x00000000a5b7201e 14:44:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:48 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfdfd, 0x0, 0x0, 0x0, 0x15182c}}}) [ 310.237788] *** Guest State *** [ 310.247736] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 310.264624] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 310.283785] CR3 = 0x0000000000000000 [ 310.287694] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 [ 310.309799] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 310.320289] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:48 executing program 5: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(0x0, 0x16) 14:44:48 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 14:44:48 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xffe7, 0x0, 0x0, 0x0, 0x15182c}}}) [ 310.344014] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 310.386022] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 310.409906] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 310.429597] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:48 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x1000000, 0x0, 0x0, 0x0, 0x15182c}}}) [ 310.476013] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 310.512183] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 310.567886] GDTR: limit=0x00000000, base=0x0000000000000000 [ 310.595866] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:49 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)=0x80000001, 0x4) recvfrom(r0, &(0x7f00000000c0)=""/176, 0xb0, 0x21, &(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x2}}, 0x80) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000000)=0x6) 14:44:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x2000000, 0x0, 0x0, 0x0, 0x15182c}}}) [ 310.630815] IDTR: limit=0x00000000, base=0x0000000000000000 [ 310.664471] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x80086601, 0x0) [ 310.723520] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 310.764034] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 310.801506] Interruptibility = 00000000 ActivityState = 00000000 14:44:49 executing program 0: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$tun(r0, 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlockall(0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) syz_genetlink_get_family_id$team(0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, 0x0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) open(0x0, 0x0, 0x0) r2 = dup(r1) bind$inet6(r1, &(0x7f0000000600)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$IPVS_CMD_GET_DAEMON(r2, &(0x7f00000007c0)={&(0x7f0000000100), 0xc, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="783848038a66cbd413feef45dd8e8d35846b6a7e1ebc9ce59b5adece779e603b8a6f7a5db7d8dd3c4033de255d8b3fba12157bbb6c0116e1d030c800ca1e16cf3451b4536491e1346718c414627334ec27bb0746a15994b77eac3b777c023f22254becd6ddedd1bf7886c3b84877e96e36a78e0be639cc4134d1c29e4b7a94da5cbea5be6d67e017c1b1fc07bce86f1798d9bc23a5fbfab2dab145e3a0bab648b4c3070000002cb28b84ed5bc490bcc3a98111c8ef22f724f37c7275a210093bc060f39ccf90f8986f20de741da82a97be8b995f1239eb68b7fdba3e601e289182d1f5e5adae721e1f1dfd29633ea15339fbf10ff6"], 0x1}}, 0x0) write$FUSE_POLL(r2, &(0x7f00000005c0)={0x18}, 0x18) setsockopt$inet_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f00000001c0), 0x4) r3 = open(&(0x7f0000000000)='./bus\x00', 0x100000141042, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000240)={0x0, 0x7e, "a12f785dd4cd2b61ddde1d839ad6ef64a5903a4a5c1fef4ebe0786786bda848a729c6e3b0210442b5e5d4d48a9c04c5d80aed50f822f4c42fc58d9541abbe4112f48dcc80d04102636780ce166c352fbff7a41b3873abef8fe01fd2496ee03d76b7124805e61e88a40495b4d44155c33140f82f1c145a0815a9b9aa0195f"}, &(0x7f0000000040)=0x86) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000180)={r4, 0x5}, 0x8) ftruncate(r3, 0x10099b7) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10) sendfile(r1, r3, 0x0, 0x8000fffffffe) [ 310.826878] *** Host State *** [ 310.840748] RIP = 0xffffffff811c8cac RSP = 0xffff88805b53f8c0 14:44:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x5000000, 0x0, 0x0, 0x0, 0x15182c}}}) [ 310.870868] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 310.915560] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 310.954301] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 310.969631] CR0=0000000080050033 CR3=0000000082d3a000 CR4=00000000001426e0 [ 311.009629] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 311.035401] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 311.045807] *** Control State *** [ 311.078223] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 311.089923] EntryControls=0000d1ff ExitControls=002fefff [ 311.101519] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 311.109143] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 311.116763] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 14:44:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x20000000, 0x0, 0x0, 0x0, 0x15182c}}}) [ 311.124168] reason=80000021 qualification=0000000000000000 [ 311.130855] IDTVectoring: info=00000000 errcode=00000000 [ 311.136530] TSC Offset = 0xffffff5735ea377b [ 311.141429] EPT pointer = 0x0000000086ab301e 14:44:49 executing program 5: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(0x0, 0x16) 14:44:49 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0x0, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x80087601, 0x0) 14:44:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_DEFER_SETUP(r1, 0x12, 0x7, 0x0, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x0, 0x2) epoll_pwait(r2, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}], 0x6, 0x9, &(0x7f0000000100)={0x8}, 0x8) 14:44:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xe7ffffff, 0x0, 0x0, 0x0, 0x15182c}}}) [ 311.245305] *** Guest State *** [ 311.248642] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 311.257703] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 311.278296] CR3 = 0x0000000000000000 [ 311.319884] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 [ 311.339955] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 311.355254] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:49 executing program 0: r0 = add_key(&(0x7f0000002000)='logon\x00', &(0x7f0000001000), &(0x7f0000001000)="1c989cc9f58ec796be4720e6160291a2fb7c6445e84b8e9e349ead029fe38d5810bf992b5d51f406a51cc339021268aed6f767582af42dbc8ea1110e4353fcf30b20f1f27ed3b44bef6444f8ca6a808e34ded636ef55e151c11b4ef7a5384f4a0ceb885759dfeeca5aaa540de461d2130755897533032f5639c4ba79988a49d63084f2cbed0a84e5e733146f15192fdabd0e3a", 0x93, 0xfffffffffffffffc) keyctl$search(0xa, r0, &(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000140)={'syz'}, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x404000, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000040)=0x3, 0x4) [ 311.374685] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 311.411261] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x15182c}}}) [ 311.442887] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 311.457869] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 311.470142] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f123c123f319bc070") r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000140)='F', 0x1, 0xfffffffffffffffe) keyctl$revoke(0x3, r1) r2 = fcntl$getown(r0, 0x9) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x6, 0x3, 0x6, 0x100, 0x0, 0x7, 0x860, 0xb, 0x7, 0x743, 0x8276, 0x501, 0xd1d, 0xfffffffffffffffb, 0xfffffffffffffff7, 0x6, 0x100000000, 0x400, 0xbe, 0x5, 0xcff, 0x0, 0x1, 0x10000000000, 0x9, 0x6, 0x8, 0xe58, 0x6, 0x1f, 0x80000000, 0x6, 0x40, 0x60, 0x7, 0xfffffffffffffff7, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x1}, 0x1804, 0xffff, 0x10001, 0x1, 0x1, 0x1}, r2, 0x9, r3, 0xb) request_key(&(0x7f0000000180)='user\x00\xd2HO\x96\xdd\xa6VA/\xd2\xfaQ\xdd4\xa5\xab\t\v\xd0\x8c\x90\xb1\xfc\a\xeb\b(\xbcG\x0fv\xe6f\x00\xed-\xe1\xc9\r8\xc2Z\xb5\xd6,\xb2\xb67\x8f\xc6\x9a\xf3F\xf9\'\xbc\xb4\xc1\"\xd3;\xc8\xa1xT\xfa1{`\x93\x9f\xde\x04\x1a\xc7\x8b\x86\xa0\rK&k\x04-\xea_%t\xf8\xf0\xa9\xb0\xfb\x81\x12\x02\xb9L\x86\xf7\xd8FF\xd0\x19\xf8\r\\(S\xb7\x9c\xc0\xea\xe7\xe4\xfa\xac\xd8\xd6o\b\xbf1$ \xb8\xfa%\x8e\xc9\xb8\x18\xe6\x12r,Y\x02\xc3\xadU\xeb\xa4\xe8\x06\xc9\xee4\xf9\x94\x1du\x8d\x97\xed\x97xc\xca\x8c\xbf>\x98\xfe9+|\x85\x8fnw(\xb3;\xc9\xdc\x82\xb9\xf4|?g\xfcz6\x1a\xe1\x0eB\xc8D|\xe7\xd3\x94\x97\xba\xa64\xb5\x0f8\x03K', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffa) [ 311.517694] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfecaedfe, 0x0, 0x0, 0x0, 0x15182c}}}) [ 311.587262] GDTR: limit=0x00000000, base=0x0000000000000000 [ 311.656336] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 311.707049] IDTR: limit=0x00000000, base=0x0000000000000000 [ 311.768576] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 311.782752] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 311.789375] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 311.797766] Interruptibility = 00000000 ActivityState = 00000000 [ 311.804742] *** Host State *** [ 311.812100] RIP = 0xffffffff811c8cac RSP = 0xffff88805b7c78c0 [ 311.818308] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 311.825408] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 311.834653] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 311.841163] CR0=0000000080050033 CR3=000000008de79000 CR4=00000000001426f0 [ 311.848577] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 311.860605] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 311.866716] *** Control State *** [ 311.878311] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 311.885664] EntryControls=0000d1ff ExitControls=002fefff [ 311.891539] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 311.898903] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 311.906262] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 311.913379] reason=80000021 qualification=0000000000000000 14:44:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f123c123f319bc070") r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000140)='F', 0x1, 0xfffffffffffffffe) keyctl$revoke(0x3, r1) r2 = fcntl$getown(r0, 0x9) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x6, 0x3, 0x6, 0x100, 0x0, 0x7, 0x860, 0xb, 0x7, 0x743, 0x8276, 0x501, 0xd1d, 0xfffffffffffffffb, 0xfffffffffffffff7, 0x6, 0x100000000, 0x400, 0xbe, 0x5, 0xcff, 0x0, 0x1, 0x10000000000, 0x9, 0x6, 0x8, 0xe58, 0x6, 0x1f, 0x80000000, 0x6, 0x40, 0x60, 0x7, 0xfffffffffffffff7, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x1}, 0x1804, 0xffff, 0x10001, 0x1, 0x1, 0x1}, r2, 0x9, r3, 0xb) request_key(&(0x7f0000000180)='user\x00\xd2HO\x96\xdd\xa6VA/\xd2\xfaQ\xdd4\xa5\xab\t\v\xd0\x8c\x90\xb1\xfc\a\xeb\b(\xbcG\x0fv\xe6f\x00\xed-\xe1\xc9\r8\xc2Z\xb5\xd6,\xb2\xb67\x8f\xc6\x9a\xf3F\xf9\'\xbc\xb4\xc1\"\xd3;\xc8\xa1xT\xfa1{`\x93\x9f\xde\x04\x1a\xc7\x8b\x86\xa0\rK&k\x04-\xea_%t\xf8\xf0\xa9\xb0\xfb\x81\x12\x02\xb9L\x86\xf7\xd8FF\xd0\x19\xf8\r\\(S\xb7\x9c\xc0\xea\xe7\xe4\xfa\xac\xd8\xd6o\b\xbf1$ \xb8\xfa%\x8e\xc9\xb8\x18\xe6\x12r,Y\x02\xc3\xadU\xeb\xa4\xe8\x06\xc9\xee4\xf9\x94\x1du\x8d\x97\xed\x97xc\xca\x8c\xbf>\x98\xfe9+|\x85\x8fnw(\xb3;\xc9\xdc\x82\xb9\xf4|?g\xfcz6\x1a\xe1\x0eB\xc8D|\xe7\xd3\x94\x97\xba\xa64\xb5\x0f8\x03K', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffa) [ 311.919885] IDTVectoring: info=00000000 errcode=00000000 [ 311.925372] TSC Offset = 0xffffff56aa168459 [ 311.929880] EPT pointer = 0x000000008c5a001e [ 312.012310] *** Guest State *** [ 312.015946] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 312.025035] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 312.034829] CR3 = 0x0000000000000000 [ 312.039177] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 312.045434] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 312.052212] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 312.059107] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.067451] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.075672] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 312.084606] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.093344] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.101601] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.109718] GDTR: limit=0x00000000, base=0x0000000000000000 [ 312.117974] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.126319] IDTR: limit=0x00000000, base=0x0000000000000000 [ 312.134906] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.143077] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 312.150021] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:44:50 executing program 5: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(0x0, 0x16) 14:44:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) 14:44:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfeedcafe, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:50 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0x0, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 312.157496] Interruptibility = 00000000 ActivityState = 00000000 [ 312.185320] *** Host State *** 14:44:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x15182c}}}) [ 312.220636] RIP = 0xffffffff811c8cac RSP = 0xffff88805b5078c0 [ 312.227133] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 312.267524] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 312.300263] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 312.321222] CR0=0000000080050033 CR3=000000008567b000 CR4=00000000001426e0 [ 312.347523] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 14:44:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 312.372630] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 312.385427] *** Control State *** [ 312.395719] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 312.406131] EntryControls=0000d1ff ExitControls=002fefff [ 312.415694] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 14:44:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xffffffe7, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) [ 312.433839] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 312.485199] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 312.522914] reason=80000021 qualification=0000000000000000 14:44:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 312.547354] IDTVectoring: info=00000000 errcode=00000000 [ 312.567193] TSC Offset = 0xffffff5640e80dfb [ 312.578791] EPT pointer = 0x000000009f96b01e 14:44:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x15182c}}}) [ 312.831047] *** Guest State *** [ 312.850287] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 312.877409] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 312.887244] CR3 = 0x0000000000000000 [ 312.891751] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 312.897855] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 312.904373] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 312.912166] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.920898] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.928897] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 312.936972] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.946056] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.954880] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.963110] GDTR: limit=0x00000000, base=0x0000000000000000 [ 312.971467] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.980148] IDTR: limit=0x00000000, base=0x0000000000000000 [ 312.988348] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 312.997021] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 313.004098] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 313.011775] Interruptibility = 00000000 ActivityState = 00000000 [ 313.018040] *** Host State *** [ 313.021359] RIP = 0xffffffff811c8cac RSP = 0xffff88809eb778c0 14:44:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 14:44:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:51 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0x0, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:51 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x0) [ 313.027526] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 313.034105] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 313.043202] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 313.049769] CR0=0000000080050033 CR3=00000000a7e56000 CR4=00000000001426f0 [ 313.059270] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 313.067300] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 313.099443] *** Control State *** [ 313.110278] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 313.151743] EntryControls=0000d1ff ExitControls=002fefff 14:44:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x500000000000000, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 313.185520] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 14:44:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 313.240350] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 313.272947] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 313.334641] reason=80000021 qualification=0000000000000000 14:44:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 313.376593] IDTVectoring: info=00000000 errcode=00000000 [ 313.410734] TSC Offset = 0xffffff55d4d2184a [ 313.439973] EPT pointer = 0x00000000a961d01e 14:44:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 14:44:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xe7ffffffffffffff, 0x0, 0x0, 0x0, 0x15182c}}}) [ 313.688699] *** Guest State *** [ 313.703877] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 313.754664] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 313.795668] CR3 = 0x0000000000000000 [ 313.803052] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 313.819520] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 313.829976] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 313.838335] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.847594] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.855679] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 313.864170] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.872447] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.883232] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.891363] GDTR: limit=0x00000000, base=0x0000000000000000 [ 313.899495] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.907688] IDTR: limit=0x00000000, base=0x0000000000000000 [ 313.916325] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 313.924528] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 313.931028] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 313.939782] Interruptibility = 00000000 ActivityState = 00000000 [ 313.946038] *** Host State *** [ 313.949859] RIP = 0xffffffff811c8cac RSP = 0xffff88804b0778c0 [ 313.957470] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 313.963953] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 313.972748] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 313.979101] CR0=0000000080050033 CR3=00000000a091f000 CR4=00000000001426f0 [ 313.986210] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 14:44:52 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x0) 14:44:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x0, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) [ 313.993751] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 314.000458] *** Control State *** [ 314.003943] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 314.046475] EntryControls=0000d1ff ExitControls=002fefff 14:44:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfdfdffffffffffff, 0x0, 0x0, 0x0, 0x15182c}}}) [ 314.115373] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 14:44:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 14:44:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 314.164721] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 314.215980] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 314.263951] reason=80000021 qualification=0000000000000000 [ 314.300691] IDTVectoring: info=00000000 errcode=00000000 [ 314.323243] TSC Offset = 0xffffff555d470382 [ 314.337106] EPT pointer = 0x0000000081efe01e 14:44:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfecaedfe00000000, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x2) 14:44:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 314.601755] *** Guest State *** [ 314.608902] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 314.627601] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 314.637930] CR3 = 0x0000000000000000 [ 314.641931] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 314.655021] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 314.661916] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 314.669251] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.678588] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.688135] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 314.697761] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.706465] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.714635] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.724179] GDTR: limit=0x00000000, base=0x0000000000000000 [ 314.732483] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.740670] IDTR: limit=0x00000000, base=0x0000000000000000 [ 314.748666] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 314.756771] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 314.763893] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 314.772407] Interruptibility = 00000000 ActivityState = 00000000 [ 314.779566] *** Host State *** [ 314.782959] RIP = 0xffffffff811c8cac RSP = 0xffff888054da78c0 [ 314.789205] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 314.795690] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 314.803710] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 314.809602] CR0=0000000080050033 CR3=00000000951ef000 CR4=00000000001426f0 [ 314.816911] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 314.832803] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 314.844340] *** Control State *** [ 314.847829] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 314.857378] EntryControls=0000d1ff ExitControls=002fefff [ 314.883447] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 314.890602] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 314.897292] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 14:44:53 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x0) 14:44:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x0, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xfffffffffffffdfd, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x3) [ 314.904132] reason=80000021 qualification=0000000000000000 [ 314.917101] IDTVectoring: info=00000000 errcode=00000000 [ 314.967208] TSC Offset = 0xffffff54e056b57a [ 314.994273] EPT pointer = 0x0000000097df701e 14:44:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0xffffffffffffffe7, 0x0, 0x0, 0x0, 0x15182c}}}) 14:44:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x4) 14:44:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x2, 0x0, 0x0, 0x15182c}}}) [ 315.189004] *** Guest State *** [ 315.201807] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 315.222325] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 315.256379] CR3 = 0x0000000000000000 14:44:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 315.280093] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 315.288587] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 315.327304] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x5, 0x0, 0x0, 0x15182c}}}) [ 315.374618] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.384727] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.404699] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 315.428416] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.450307] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.468343] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.490496] GDTR: limit=0x00000000, base=0x0000000000000000 [ 315.498955] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.519883] IDTR: limit=0x00000000, base=0x0000000000000000 [ 315.540166] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 315.548646] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 315.567093] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 315.605194] Interruptibility = 00000000 ActivityState = 00000000 [ 315.628107] *** Host State *** [ 315.638205] RIP = 0xffffffff811c8cac RSP = 0xffff8880896378c0 [ 315.644747] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 315.655230] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 315.663829] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 315.669834] CR0=0000000080050033 CR3=00000000912f1000 CR4=00000000001426f0 [ 315.677423] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 315.684206] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 315.690343] *** Control State *** [ 315.693868] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 315.700731] EntryControls=0000d1ff ExitControls=002fefff [ 315.712119] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 315.719049] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 315.725935] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 315.732605] reason=80000021 qualification=0000000000000000 [ 315.739087] IDTVectoring: info=00000000 errcode=00000000 [ 315.745549] TSC Offset = 0xffffff548d3390be [ 315.749963] EPT pointer = 0x00000000837e401e 14:44:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x5) 14:44:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:54 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x0, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xe7, 0x0, 0x0, 0x15182c}}}) 14:44:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:54 executing program 5 (fault-call:5 fault-nth:0): r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x500, 0x0, 0x0, 0x15182c}}}) 14:44:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 315.933722] *** Guest State *** [ 315.946191] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 316.014697] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 316.049459] CR3 = 0x0000000000000000 14:44:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x2000, 0x0, 0x0, 0x15182c}}}) 14:44:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x6) [ 316.061476] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 316.069635] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 316.076901] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 316.085055] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 316.109162] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xe7ff, 0x0, 0x0, 0x15182c}}}) [ 316.163912] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:44:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 316.210073] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 316.225798] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x7) [ 316.264679] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 316.300542] GDTR: limit=0x00000000, base=0x0000000000000000 14:44:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfdfd, 0x0, 0x0, 0x15182c}}}) [ 316.335048] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 316.387875] IDTR: limit=0x00000000, base=0x0000000000000000 [ 316.430039] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 316.447685] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 316.466818] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 316.476518] Interruptibility = 00000000 ActivityState = 00000000 [ 316.499975] *** Host State *** 14:44:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x0, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 316.526240] RIP = 0xffffffff811c8cac RSP = 0xffff8880a047f8c0 [ 316.545827] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 316.554192] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 316.563657] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 316.580106] CR0=0000000080050033 CR3=0000000089e18000 CR4=00000000001426e0 [ 316.600975] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 316.625852] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 316.632977] *** Control State *** [ 316.636630] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 316.643945] EntryControls=0000d1ff ExitControls=002fefff [ 316.650155] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 316.657789] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 316.667508] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 316.674643] reason=80000021 qualification=0000000000000000 [ 316.682226] FAULT_INJECTION: forcing a failure. [ 316.682226] name fail_futex, interval 1, probability 0, space 0, times 1 [ 316.694790] IDTVectoring: info=00000000 errcode=00000000 [ 316.713460] CPU: 0 PID: 13462 Comm: syz-executor.5 Not tainted 4.19.34 #2 [ 316.720565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.729951] Call Trace: [ 316.732569] dump_stack+0x172/0x1f0 [ 316.736238] should_fail.cold+0xa/0x1b [ 316.740584] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 316.748623] get_futex_key+0xb9a/0x1690 [ 316.752646] ? kasan_check_read+0x11/0x20 [ 316.756823] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 316.761945] ? __free_object+0xe2/0x1f0 [ 316.765933] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 316.771071] futex_wake+0xf9/0x4d0 [ 316.774627] ? get_futex_key+0x1690/0x1690 [ 316.778897] ? __lock_acquire+0x6eb/0x48f0 [ 316.783155] do_futex+0x34c/0x1d50 [ 316.786726] ? mark_held_locks+0x100/0x100 [ 316.791487] ? __might_fault+0x12b/0x1e0 [ 316.795664] ? exit_robust_list+0x2c0/0x2c0 [ 316.800376] ? __might_fault+0x12b/0x1e0 [ 316.804814] ? find_held_lock+0x35/0x130 [ 316.810032] ? __might_fault+0x12b/0x1e0 [ 316.814215] ? lock_downgrade+0x810/0x810 [ 316.818435] mm_release+0x33d/0x490 [ 316.822372] do_exit+0x42f/0x2fa0 [ 316.826273] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 316.831446] ? get_signal+0x331/0x1d50 [ 316.835336] ? find_held_lock+0x35/0x130 [ 316.839411] ? mm_update_next_owner+0x660/0x660 [ 316.844079] ? _raw_spin_unlock_irq+0x28/0x90 [ 316.848585] ? get_signal+0x331/0x1d50 [ 316.852465] ? _raw_spin_unlock_irq+0x28/0x90 [ 316.856971] do_group_exit+0x135/0x370 [ 316.860864] get_signal+0x399/0x1d50 [ 316.864576] ? find_held_lock+0x35/0x130 [ 316.868709] do_signal+0x95/0x1950 [ 316.872365] ? setup_sigcontext+0x7d0/0x7d0 [ 316.877383] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 316.882524] ? timespec64_add_safe+0x189/0x210 [ 316.887116] ? nsec_to_clock_t+0x30/0x30 [ 316.891190] ? exit_to_usermode_loop+0x43/0x2c0 [ 316.895940] ? do_syscall_64+0x52d/0x610 [ 316.899995] ? exit_to_usermode_loop+0x43/0x2c0 [ 316.904753] ? lockdep_hardirqs_on+0x415/0x5d0 [ 316.909656] ? trace_hardirqs_on+0x67/0x230 [ 316.914258] exit_to_usermode_loop+0x244/0x2c0 [ 316.918851] do_syscall_64+0x52d/0x610 [ 316.922745] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.927929] RIP: 0033:0x458c29 [ 316.931117] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 316.951414] RSP: 002b:00007f2278141c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000db [ 316.959403] RAX: fffffffffffffdfc RBX: 00007f2278141c90 RCX: 0000000000458c29 [ 316.966667] RDX: 0000000077919ce2 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.973942] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 316.981236] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f22781426d4 [ 316.988597] R13: 00000000004c5538 R14: 00000000004d97a0 R15: 0000000000000004 [ 317.018344] TSC Offset = 0xffffff542ae53a91 [ 317.031202] EPT pointer = 0x00000000a3dfc01e 14:44:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:44:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xffe7, 0x0, 0x0, 0x15182c}}}) 14:44:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x8) 14:44:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x0, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:55 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x1000000, 0x0, 0x0, 0x15182c}}}) 14:44:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:44:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x2000000, 0x0, 0x0, 0x15182c}}}) 14:44:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x10) 14:44:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:44:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x5000000, 0x0, 0x0, 0x15182c}}}) 14:44:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x0, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x11) 14:44:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x20000000, 0x0, 0x0, 0x15182c}}}) 14:44:56 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x8, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:56 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 14:44:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x8090ae81, 0x0) 14:44:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x60) 14:44:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xe7ffffff, 0x0, 0x0, 0x15182c}}}) 14:44:56 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 14:44:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x8090ae81, 0x0) 14:44:56 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xe, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfdfdffff, 0x0, 0x0, 0x15182c}}}) 14:44:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:56 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 14:44:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x300) 14:44:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x8090ae81, 0x0) 14:44:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfecaedfe, 0x0, 0x0, 0x15182c}}}) 14:44:56 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xe00, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:57 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 14:44:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfeedcafe, 0x0, 0x0, 0x15182c}}}) 14:44:57 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0x8090ae81, 0x0) 14:44:57 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 14:44:57 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x3f00, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x480) 14:44:57 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x15182c}}}) 14:44:57 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0x8090ae81, 0x0) 14:44:57 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 14:44:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x500) 14:44:57 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x4000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:57 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0x8090ae81, 0x0) 14:44:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xffffffe7, 0x0, 0x0, 0x15182c}}}) 14:44:57 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x1000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:57 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0x8090ae81, 0x0) 14:44:57 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x600) 14:44:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x15182c}}}) 14:44:57 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x8000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:57 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0x8090ae81, 0x0) 14:44:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x200000000000000, 0x0, 0x0, 0x15182c}}}) 14:44:58 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0x8090ae81, 0x0) 14:44:58 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 14:44:58 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xe000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x500000000000000, 0x0, 0x0, 0x15182c}}}) 14:44:58 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 14:44:58 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x700) 14:44:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x15182c}}}) 14:44:58 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 14:44:58 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x3f000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xe7ffffffffffffff, 0x0, 0x0, 0x15182c}}}) 14:44:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:58 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x40000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x15182c}}}) 14:44:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x1100) 14:44:59 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:44:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:59 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xfeffffff, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfdfdffffffffffff, 0x0, 0x0, 0x15182c}}}) 14:44:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x2000) 14:44:59 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0x8090ae81, 0x0) 14:44:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfecaedfe00000000, 0x0, 0x0, 0x15182c}}}) 14:44:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:44:59 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xfffffffe, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:59 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0x8090ae81, 0x0) 14:44:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 321.095226] *** Guest State *** [ 321.098577] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 321.123759] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 321.140949] CR3 = 0x0000000000000000 14:44:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xfffffffffffffdfd, 0x0, 0x0, 0x15182c}}}) 14:44:59 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:44:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00) 14:44:59 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x1000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:44:59 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0x8090ae81, 0x0) [ 321.144718] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:44:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 321.185948] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 321.198727] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:44:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0xffffffffffffffe7, 0x0, 0x0, 0x15182c}}}) [ 321.239906] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 321.267220] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 321.299060] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:44:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x6000) 14:44:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 321.344859] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 321.377360] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:44:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x2, 0x0, 0x15182c}}}) [ 321.402410] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 321.422990] GDTR: limit=0x00000000, base=0x0000000000000000 [ 321.450655] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 321.459651] IDTR: limit=0x00000000, base=0x0000000000000000 14:45:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 321.535376] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 321.624806] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 321.643848] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 321.662591] Interruptibility = 00000000 ActivityState = 00000000 [ 321.685866] *** Host State *** [ 321.698051] RIP = 0xffffffff811c8cac RSP = 0xffff8880a047f8c0 [ 321.723196] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 321.735422] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 321.751322] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 321.763373] CR0=0000000080050033 CR3=00000000a0a43000 CR4=00000000001426e0 [ 321.772132] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 321.779026] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 321.786052] *** Control State *** [ 321.790085] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 321.796980] EntryControls=0000d1ff ExitControls=002fefff [ 321.805421] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 321.813187] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 321.820539] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 321.827301] reason=80000021 qualification=0000000000000000 14:45:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x5, 0x0, 0x15182c}}}) 14:45:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x8004) 14:45:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 321.835645] IDTVectoring: info=00000000 errcode=00000000 [ 321.844891] TSC Offset = 0xffffff51681fc5b8 [ 321.849428] EPT pointer = 0x000000009eb5201e [ 321.962898] *** Guest State *** [ 321.992986] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 322.026624] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:00 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x100000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:00 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xe7, 0x0, 0x15182c}}}) 14:45:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x200000) [ 322.043508] CR3 = 0x0000000000000000 [ 322.047531] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 322.056436] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 322.073611] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x500, 0x0, 0x15182c}}}) [ 322.140090] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.156246] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.180973] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:45:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 322.217368] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.250806] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x2000, 0x0, 0x15182c}}}) [ 322.279862] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.382698] GDTR: limit=0x00000000, base=0x0000000000000000 [ 322.446414] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.474753] IDTR: limit=0x00000000, base=0x0000000000000000 [ 322.492227] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.520867] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 322.527595] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 322.535731] Interruptibility = 00000000 ActivityState = 00000000 [ 322.546879] *** Host State *** [ 322.551280] RIP = 0xffffffff811c8cac RSP = 0xffff8880546b78c0 [ 322.558687] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 322.566066] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 322.574722] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 322.582220] CR0=0000000080050033 CR3=000000009424a000 CR4=00000000001426f0 [ 322.591011] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 322.609843] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 322.616071] *** Control State *** [ 322.619815] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 322.626617] EntryControls=0000d1ff ExitControls=002fefff [ 322.633103] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 14:45:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) 14:45:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xe7ff, 0x0, 0x15182c}}}) 14:45:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 322.642568] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 322.651117] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 322.658159] reason=80000021 qualification=0000000000000000 [ 322.665135] IDTVectoring: info=00000000 errcode=00000000 [ 322.671201] TSC Offset = 0xffffff50ee25b028 [ 322.675741] EPT pointer = 0x000000008b0af01e [ 322.852552] *** Guest State *** [ 322.862628] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 322.885133] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 322.895270] CR3 = 0x0000000000000000 [ 322.899371] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 322.906048] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 322.913019] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 322.920696] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.932783] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.947123] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 322.957859] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.967621] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 322.976466] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:01 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x800000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:01 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfdfd, 0x0, 0x15182c}}}) 14:45:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) [ 322.994706] GDTR: limit=0x00000000, base=0x0000000000000000 [ 323.003888] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.012276] IDTR: limit=0x00000000, base=0x0000000000000000 14:45:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xffe7, 0x0, 0x15182c}}}) [ 323.064554] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 323.140889] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 323.147636] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:45:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x1000000, 0x0, 0x15182c}}}) [ 323.206003] Interruptibility = 00000000 ActivityState = 00000000 [ 323.242823] *** Host State *** [ 323.254914] RIP = 0xffffffff811c8cac RSP = 0xffff8880a0b978c0 [ 323.280021] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 323.298918] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 323.309964] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 323.324487] CR0=0000000080050033 CR3=000000008b20d000 CR4=00000000001426e0 [ 323.355233] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 323.376397] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 323.389247] *** Control State *** [ 323.398236] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 323.408287] EntryControls=0000d1ff ExitControls=002fefff [ 323.428990] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 323.437556] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 323.450989] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 323.458453] reason=80000021 qualification=0000000000000000 [ 323.470632] IDTVectoring: info=00000000 errcode=00000000 [ 323.476431] TSC Offset = 0xffffff5076a62c1b [ 323.485889] EPT pointer = 0x000000008b17d01e 14:45:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 14:45:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x2000000, 0x0, 0x15182c}}}) 14:45:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 323.650194] *** Guest State *** [ 323.667394] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 323.702686] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 323.716962] CR3 = 0x0000000000000000 [ 323.722499] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 323.728788] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 323.735406] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 323.742725] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.752400] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.764962] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 323.774712] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.785465] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.794376] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.804086] GDTR: limit=0x00000000, base=0x0000000000000000 [ 323.814348] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.822969] IDTR: limit=0x00000000, base=0x0000000000000000 [ 323.831276] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 323.840620] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 323.847361] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 323.855079] Interruptibility = 00000000 ActivityState = 00000000 [ 323.862654] *** Host State *** [ 323.865995] RIP = 0xffffffff811c8cac RSP = 0xffff888056bcf8c0 [ 323.873376] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 323.880870] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 323.890328] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 323.896621] CR0=0000000080050033 CR3=000000008b262000 CR4=00000000001426e0 [ 323.903742] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 323.910499] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 323.917224] *** Control State *** [ 323.920753] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 323.927460] EntryControls=0000d1ff ExitControls=002fefff [ 323.933112] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 323.940143] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 323.947595] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 14:45:02 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xe00000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:02 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x5000000, 0x0, 0x15182c}}}) 14:45:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) [ 323.954524] reason=80000021 qualification=0000000000000000 [ 323.961036] IDTVectoring: info=00000000 errcode=00000000 [ 323.966495] TSC Offset = 0xffffff50084d3ef3 [ 323.971430] EPT pointer = 0x00000000a8fd001e 14:45:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x20000000, 0x0, 0x15182c}}}) 14:45:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 324.133069] *** Guest State *** [ 324.147178] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 324.169037] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) [ 324.220354] CR3 = 0x0000000000000000 [ 324.233412] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 324.260375] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xe7ffffff, 0x0, 0x15182c}}}) [ 324.289957] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 324.318986] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 324.353643] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 324.393914] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:45:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 324.419044] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 324.443828] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfdfdffff, 0x0, 0x15182c}}}) [ 324.477158] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 324.506074] GDTR: limit=0x00000000, base=0x0000000000000000 [ 324.544274] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 324.591063] IDTR: limit=0x00000000, base=0x0000000000000000 [ 324.609309] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 324.619861] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 324.627012] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 324.635090] Interruptibility = 00000000 ActivityState = 00000000 [ 324.651507] *** Host State *** [ 324.667605] RIP = 0xffffffff811c8cac RSP = 0xffff88805a1d78c0 [ 324.678984] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 324.695731] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 324.705103] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 324.712826] CR0=0000000080050033 CR3=000000008a314000 CR4=00000000001426f0 [ 324.721075] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 324.728488] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 324.735380] *** Control State *** [ 324.739032] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 324.746798] EntryControls=0000d1ff ExitControls=002fefff [ 324.752526] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 324.759627] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 324.766489] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 324.773255] reason=80000021 qualification=0000000000000000 [ 324.779946] IDTVectoring: info=00000000 errcode=00000000 [ 324.785502] TSC Offset = 0xffffff4fc6619581 [ 324.790660] EPT pointer = 0x0000000092c0401e 14:45:03 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x3f00000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 14:45:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfecaedfe, 0x0, 0x15182c}}}) 14:45:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:03 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x0, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfeedcafe, 0x0, 0x15182c}}}) 14:45:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 325.122283] *** Guest State *** [ 325.135574] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 325.175678] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 325.212154] CR3 = 0x0000000000000000 [ 325.222971] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 14:45:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x15182c}}}) [ 325.248529] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 325.268476] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 325.320131] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 325.335051] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 325.375366] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 325.400095] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 325.408210] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xffffffe7, 0x0, 0x15182c}}}) [ 325.519818] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 325.529121] GDTR: limit=0x00000000, base=0x0000000000000000 [ 325.567681] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 325.588239] IDTR: limit=0x00000000, base=0x0000000000000000 [ 325.612690] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 325.629228] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 325.659615] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 325.673484] Interruptibility = 00000000 ActivityState = 00000000 [ 325.681881] *** Host State *** [ 325.686252] RIP = 0xffffffff811c8cac RSP = 0xffff88803da878c0 [ 325.693481] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 325.701350] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 325.709361] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 325.716240] CR0=0000000080050033 CR3=000000008ef3d000 CR4=00000000001426e0 [ 325.723688] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 325.731321] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 325.737406] *** Control State *** [ 325.740980] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 325.747794] EntryControls=0000d1ff ExitControls=002fefff [ 325.753405] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 325.760587] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 325.767355] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 325.774271] reason=80000021 qualification=0000000000000000 [ 325.780671] IDTVectoring: info=00000000 errcode=00000000 [ 325.787643] TSC Offset = 0xffffff4f3e6578c4 [ 325.792173] EPT pointer = 0x0000000094b1d01e 14:45:04 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x4000000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) 14:45:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x15182c}}}) 14:45:04 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, 0x0) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x200000000000000, 0x0, 0x15182c}}}) [ 325.990613] *** Guest State *** [ 325.998547] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000) 14:45:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 326.056818] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 326.101443] CR3 = 0x0000000000000000 [ 326.121651] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 326.139988] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x500000000000000, 0x0, 0x15182c}}}) [ 326.164726] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 326.187952] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 326.214434] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 326.244636] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:45:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x10000000) [ 326.280926] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 326.311595] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x15182c}}}) [ 326.332728] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 326.352051] GDTR: limit=0x00000000, base=0x0000000000000000 [ 326.386760] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 326.415079] IDTR: limit=0x00000000, base=0x0000000000000000 [ 326.432234] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 326.448534] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 326.463935] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 326.480376] Interruptibility = 00000000 ActivityState = 00000000 [ 326.494768] *** Host State *** [ 326.526742] RIP = 0xffffffff811c8cac RSP = 0xffff88804bd478c0 [ 326.536033] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 326.546976] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 326.555955] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 326.563675] CR0=0000000080050033 CR3=00000000a0488000 CR4=00000000001426f0 [ 326.573120] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 326.581999] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 326.589554] *** Control State *** [ 326.593573] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 326.600870] EntryControls=0000d1ff ExitControls=002fefff [ 326.606616] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 326.615201] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 326.625195] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 326.632574] reason=80000021 qualification=0000000000000000 [ 326.639105] IDTVectoring: info=00000000 errcode=00000000 [ 326.644927] TSC Offset = 0xffffff4ec711e7f4 [ 326.651215] EPT pointer = 0x00000000463fe01e 14:45:05 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xfeffffff00000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xe7ffffffffffffff, 0x0, 0x15182c}}}) 14:45:05 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 14:45:05 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, 0x0) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x15182c}}}) [ 326.919292] *** Guest State *** [ 326.940037] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 326.987413] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 327.036443] CR3 = 0x0000000000000000 [ 327.052581] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x20000000) 14:45:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfdfdffffffffffff, 0x0, 0x15182c}}}) [ 327.077177] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 327.097627] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 327.123138] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 327.147509] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 327.190723] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 327.206272] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 327.216283] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfecaedfe00000000, 0x0, 0x15182c}}}) 14:45:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 327.235191] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 327.247684] GDTR: limit=0x00000000, base=0x0000000000000000 [ 327.258387] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 327.273538] IDTR: limit=0x00000000, base=0x0000000000000000 [ 327.358270] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 327.395108] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 327.465909] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 327.479930] Interruptibility = 00000000 ActivityState = 00000000 [ 327.490617] *** Host State *** [ 327.498559] RIP = 0xffffffff811c8cac RSP = 0xffff8880463178c0 [ 327.506441] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 327.514566] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 327.523871] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 327.531102] CR0=0000000080050033 CR3=00000000899b0000 CR4=00000000001426f0 [ 327.539243] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 327.550061] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 327.556322] *** Control State *** [ 327.560410] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 327.567224] EntryControls=0000d1ff ExitControls=002fefff [ 327.573339] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 327.581089] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 327.588495] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 327.595909] reason=80000021 qualification=0000000000000000 [ 327.602645] IDTVectoring: info=00000000 errcode=00000000 [ 327.608112] TSC Offset = 0xffffff4e469a0e39 [ 327.612526] EPT pointer = 0x0000000092d1c01e 14:45:06 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xffffffff00000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xfffffffffffffdfd, 0x0, 0x15182c}}}) 14:45:06 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x3f000000) 14:45:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, 0x0) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0xffffffffffffffe7, 0x0, 0x15182c}}}) 14:45:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x60000000) [ 327.950837] *** Guest State *** [ 327.955728] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 327.973343] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 327.989073] CR3 = 0x0000000000000000 [ 327.994276] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x2, 0x15182c}}}) [ 328.027987] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 328.058977] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 328.097818] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 328.109915] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 328.117944] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 328.157915] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 328.196261] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 328.205854] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x5, 0x15182c}}}) [ 328.249969] GDTR: limit=0x00000000, base=0x0000000000000000 [ 328.276647] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 328.309784] IDTR: limit=0x00000000, base=0x0000000000000000 [ 328.353410] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 328.380644] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 328.403263] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 328.448926] Interruptibility = 00000000 ActivityState = 00000000 [ 328.480480] *** Host State *** [ 328.488491] RIP = 0xffffffff811c8cac RSP = 0xffff8880569e78c0 [ 328.496136] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 328.533295] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 328.543790] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 328.552580] CR0=0000000080050033 CR3=0000000089ed2000 CR4=00000000001426e0 [ 328.564199] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 328.572064] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 328.579016] *** Control State *** [ 328.583631] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 328.591854] EntryControls=0000d1ff ExitControls=002fefff [ 328.597986] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 328.605116] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 328.612203] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 328.619165] reason=80000021 qualification=0000000000000000 [ 328.626029] IDTVectoring: info=00000000 errcode=00000000 [ 328.631733] TSC Offset = 0xffffff4dbfea7421 [ 328.638541] EPT pointer = 0x000000008735a01e 14:45:07 executing program 5: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x4}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000180)={r3, 0x4, 0x20}, &(0x7f00000001c0)=0xc) timer_create(0x0, &(0x7f0000000040)={0x0, 0x3e, 0x0, @tid=r1}, &(0x7f0000000080)) tkill(r1, 0x1000000000016) tkill(r1, 0x1000f) 14:45:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xe7, 0x15182c}}}) 14:45:07 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) 14:45:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x500, 0x15182c}}}) [ 328.888129] *** Guest State *** 14:45:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) [ 328.930269] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:07 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x9c440, 0x0) ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) [ 328.982790] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 329.029965] CR3 = 0x0000000000000000 [ 329.039816] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x2000, 0x15182c}}}) [ 329.087480] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 329.118396] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 329.158389] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 329.190328] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0xffffff7f) 14:45:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:07 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) fcntl$setstatus(r0, 0x4, 0x42803) [ 329.216593] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 329.245573] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xe7ff, 0x15182c}}}) [ 329.295578] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 329.330270] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 329.360018] GDTR: limit=0x00000000, base=0x0000000000000000 [ 329.391154] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfdfd, 0x15182c}}}) 14:45:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) [ 329.431284] IDTR: limit=0x00000000, base=0x0000000000000000 [ 329.463882] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 329.502674] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 329.532104] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 329.568474] Interruptibility = 00000000 ActivityState = 00000000 [ 329.591163] *** Host State *** [ 329.600531] RIP = 0xffffffff811c8cac RSP = 0xffff88805743f8c0 [ 329.623293] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 329.637058] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 329.652787] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 329.675677] CR0=0000000080050033 CR3=000000008b648000 CR4=00000000001426f0 [ 329.703288] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 329.720452] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 329.726861] *** Control State *** [ 329.736380] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 329.743662] EntryControls=0000d1ff ExitControls=002fefff [ 329.749426] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 329.758229] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 329.765614] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 14:45:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xffe7, 0x15182c}}}) 14:45:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x20000000000000) [ 329.773114] reason=80000021 qualification=0000000000000000 [ 329.780197] IDTVectoring: info=00000000 errcode=00000000 [ 329.785850] TSC Offset = 0xffffff4d3ac3ecbc [ 329.792074] EPT pointer = 0x00000000886c501e [ 329.936618] *** Guest State *** [ 329.953605] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 329.970022] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 329.988778] CR3 = 0x0000000000000000 [ 329.995773] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 330.006097] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 330.013538] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 330.021425] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.030233] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:08 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) syz_init_net_socket$llc(0x1a, 0x341925572d42f2f1, 0x0) gettid() tkill(r0, 0x1000000000016) tkill(r0, 0x16) 14:45:08 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42803) 14:45:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x1000000, 0x15182c}}}) 14:45:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 14:45:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 330.038863] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 330.049772] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.058002] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.088560] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x2000000, 0x15182c}}}) [ 330.134847] GDTR: limit=0x00000000, base=0x0000000000000000 [ 330.154795] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.164958] IDTR: limit=0x00000000, base=0x0000000000000000 [ 330.174146] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.184110] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 330.191652] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 330.211406] Interruptibility = 00000000 ActivityState = 00000000 14:45:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 330.242584] *** Host State *** [ 330.248876] RIP = 0xffffffff811c8cac RSP = 0xffff88805f7778c0 [ 330.264366] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) [ 330.297580] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 330.313570] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 330.347393] CR0=0000000080050033 CR3=00000000829e9000 CR4=00000000001426e0 [ 330.374071] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 330.413882] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 330.423373] *** Control State *** [ 330.427212] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 330.438753] EntryControls=0000d1ff ExitControls=002fefff [ 330.447238] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 330.465159] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 330.489203] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 14:45:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x5000000, 0x15182c}}}) 14:45:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 14:45:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 330.553903] reason=80000021 qualification=0000000000000000 [ 330.563671] IDTVectoring: info=00000000 errcode=00000000 [ 330.573430] TSC Offset = 0xffffff4caa27cca9 [ 330.579264] EPT pointer = 0x00000000895fc01e [ 330.746778] *** Guest State *** [ 330.759934] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 330.790561] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 330.805301] CR3 = 0x0000000000000000 [ 330.811844] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 330.818499] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 330.825390] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 330.835148] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.845412] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.857554] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 330.866873] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.875931] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.885062] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.894636] GDTR: limit=0x00000000, base=0x0000000000000000 [ 330.903206] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.911463] IDTR: limit=0x00000000, base=0x0000000000000000 [ 330.920002] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 330.928887] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 330.936277] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 330.944187] Interruptibility = 00000000 ActivityState = 00000000 [ 330.950664] *** Host State *** [ 330.953972] RIP = 0xffffffff811c8cac RSP = 0xffff88805dc1f8c0 [ 330.960400] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 330.966920] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 330.975728] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 330.981850] CR0=0000000080050033 CR3=00000000a0cd4000 CR4=00000000001426e0 [ 330.989522] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 14:45:09 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x1590c0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000080)={0x1, 0x4}) 14:45:09 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42803) 14:45:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x20000000, 0x15182c}}}) 14:45:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) [ 330.996275] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 331.052368] *** Control State *** 14:45:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xe7ffffff, 0x15182c}}}) [ 331.082195] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca 14:45:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) [ 331.143883] EntryControls=0000d1ff ExitControls=002fefff [ 331.178592] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 331.224473] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 14:45:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfdfdffff, 0x15182c}}}) [ 331.265299] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 331.301240] reason=80000021 qualification=0000000000000000 14:45:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 331.359876] IDTVectoring: info=00000000 errcode=00000000 14:45:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfecaedfe, 0x15182c}}}) [ 331.402830] TSC Offset = 0xffffff4c3a10645a [ 331.420576] EPT pointer = 0x000000008a31301e 14:45:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 331.625164] *** Guest State *** [ 331.633119] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 331.644800] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 331.675314] CR3 = 0x0000000000000000 [ 331.679188] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 331.689885] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 331.696336] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 331.704082] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.713024] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.721724] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 331.730150] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.738521] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.746709] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.754769] GDTR: limit=0x00000000, base=0x0000000000000000 [ 331.762854] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.772114] IDTR: limit=0x00000000, base=0x0000000000000000 [ 331.780343] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 331.788757] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 331.795539] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 331.803344] Interruptibility = 00000000 ActivityState = 00000000 [ 331.810417] *** Host State *** [ 331.813720] RIP = 0xffffffff811c8cac RSP = 0xffff888064fa78c0 [ 331.821426] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 331.828461] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 331.837848] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 331.844865] CR0=0000000080050033 CR3=00000000a0cd4000 CR4=00000000001426f0 [ 331.852659] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 331.860382] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 331.866546] *** Control State *** [ 331.870373] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 331.877310] EntryControls=0000d1ff ExitControls=002fefff [ 331.883126] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 331.890596] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 331.897273] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 331.904048] reason=80000021 qualification=0000000000000000 [ 331.910458] IDTVectoring: info=00000000 errcode=00000000 [ 331.915918] TSC Offset = 0xffffff4bc20ce285 [ 331.920454] EPT pointer = 0x00000000991a501e 14:45:10 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) r3 = msgget(0x1, 0x114) getresuid(&(0x7f0000000040), &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r5 = openat$vfio(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vfio/vfio\x00', 0x8080, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000400)=0x20) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) msgctl$IPC_SET(r3, 0x1, &(0x7f0000000340)={{0x7, r4, r6, r7, r8, 0x4, 0x7}, 0x0, 0xffffffffffffffda, 0x3, 0xffffffffffffff80, 0x1ff, 0x2, r2, r0}) 14:45:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 14:45:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:10 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfeedcafe, 0x15182c}}}) 14:45:10 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42803) 14:45:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:10 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfffffdfd, 0x15182c}}}) [ 332.076756] *** Guest State *** [ 332.096231] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 332.128161] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 332.156525] CR3 = 0x0000000000000000 [ 332.171881] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) [ 332.205381] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:10 executing program 5: r0 = gettid() r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x5, 0x0) write$FUSE_POLL(r1, &(0x7f00000002c0)={0x18, 0xffffffffffffffda, 0x5, {0x4}}, 0x18) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0xf6, 0x10001) getpid() r3 = gettid() bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000480)={0xffffffffffffff9c, &(0x7f0000000380)="da884781333dff2649134dccf6200a835dd4660b0fa4dc8bb78346abbc4fe57aae3b9fe94260d8f23b091d86a4b16847ef1c723452d5431aa1b5b4948987169d3dfd48a8026cfb83bc9beedbbdbc16724ece417006b3f033caa9983a00fc3c699d88f952c82a928917b71dddfa5a244eb62ea803cd57b3aa2a58deab979ad613c87c8fb6c920da5c34cab63e419182e961b45190cf01a17410db825d4c1962", &(0x7f0000000440)}, 0x18) tkill(r3, 0x1000000000016) tkill(r0, 0x16) timer_create(0x7, &(0x7f0000000240)={0x0, 0x1a, 0x4, @thr={&(0x7f00000000c0)="31d00e463b2102a5393b85a867e850bc1bddeb490a929e246ed7f525fe20107bfec3a03445351abb83dfa1c04e27d2f78cf859af74351ecddcc8ee1a0bb838771e2f85a2cb20a11240d57237b84de9fd3a422d753adaf77fb7a4e57f77fab95a309403f2e48fcf633b1979bbffdd8759b545da16f31b1db623c7dacea96abcc7d6aeabc31458b71fe3968444da94caa551e22fb6716498abedcd14a494a05d7f3f77e267a66cff4f1c11877e462e75ad16e9940e063dc392f7c6f79acf5ed4a53b286aab9954dfd5b0c82086febf8bfdf74c0ca7459451423b71df2847cb065645a2aaf30b49c2b259f1d6200c5a4158041958b624", &(0x7f00000001c0)="a8eb908ffacc8eb44e2298d86153920c2ee381682670b14e3613ad52532e550fb984d831ba2a03a8b8899c6086fff843aec5aec2b7970d14723298bfc4bff275a393f287e2b2fec845d65b20c1e0adbee5eb48c492de7d84dae595d95a0464d5e35375056e27fa1ccd"}}, &(0x7f0000000280)) getsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000000080), &(0x7f0000000340)=0x4) 14:45:10 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xffffffe7, 0x15182c}}}) [ 332.257307] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 332.291425] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 332.354545] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 332.369867] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:45:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x8090ae81, 0x0) 14:45:10 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x15182c}}}) [ 332.403345] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 332.439182] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:10 executing program 5: r0 = gettid() r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0) fadvise64(r1, 0x0, 0x1, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x9, 0x77919ce2) r4 = gettid() setxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@random={'security.', '/proc/thread-self/attr/fscreate\x00'}, &(0x7f00000001c0)='\xd9\x00', 0x2, 0x0) tkill(r4, 0x1000000000016) tkill(r0, 0x16) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r2, 0x1, &(0x7f0000000080)={{r5, r6+10000000}}, &(0x7f00000000c0)) 14:45:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) [ 332.495899] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:11 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = open(&(0x7f0000000040)='./file0\x00', 0xa0241, 0x120) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000080)={{0x40, 0x5}, 0x53}, 0x10) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) tkill(r0, 0x16) 14:45:11 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x0) [ 332.593535] GDTR: limit=0x00000000, base=0x0000000000000000 [ 332.632775] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 332.686365] IDTR: limit=0x00000000, base=0x0000000000000000 [ 332.736367] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 332.771540] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 332.806687] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 332.818824] Interruptibility = 00000000 ActivityState = 00000000 [ 332.835757] *** Host State *** [ 332.839109] RIP = 0xffffffff811c8cac RSP = 0xffff88805c3878c0 [ 332.855559] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 332.863419] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 332.872870] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 332.878987] CR0=0000000080050033 CR3=0000000089ed8000 CR4=00000000001426f0 [ 332.887350] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 332.896420] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 332.903472] *** Control State *** [ 332.907216] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 332.914543] EntryControls=0000d1ff ExitControls=002fefff [ 332.920510] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 332.927786] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 332.935355] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 332.942688] reason=80000021 qualification=0000000000000000 [ 332.950820] IDTVectoring: info=00000000 errcode=00000000 14:45:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c12") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x200000000000000, 0x15182c}}}) 14:45:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x8090ae81, 0x0) 14:45:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x800000000000000) [ 332.956476] TSC Offset = 0xffffff4b843b63e1 [ 332.961357] EPT pointer = 0x000000008b2a701e 14:45:11 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x0) 14:45:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x500000000000000, 0x15182c}}}) 14:45:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x8090ae81, 0x0) [ 333.133159] *** Guest State *** [ 333.147416] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 333.183107] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 333.205403] CR3 = 0x0000000000000000 [ 333.215368] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) 14:45:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x15182c}}}) [ 333.238141] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 333.271128] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 333.297944] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 333.325392] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff, 0x15182c}}}) [ 333.346729] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 333.371717] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 333.401044] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 333.438498] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 333.463430] GDTR: limit=0x00000000, base=0x0000000000000000 [ 333.493312] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:12 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x8, 0x10081) getsockopt$inet_udp_int(r1, 0x11, 0x67, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) 14:45:12 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, &(0x7f0000002f80)={0x0, 0x989680}) bind$alg(r0, &(0x7f0000001300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b0", 0x4) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18}], 0x18}], 0x1, 0x0) [ 333.538357] IDTR: limit=0x00000000, base=0x0000000000000000 [ 333.566349] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 333.616372] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 333.635312] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 333.676615] Interruptibility = 00000000 ActivityState = 00000000 [ 333.687446] *** Host State *** [ 333.691278] RIP = 0xffffffff811c8cac RSP = 0xffff88804e83f8c0 [ 333.698209] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 333.706630] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 333.715925] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 333.722440] CR0=0000000080050033 CR3=0000000092d40000 CR4=00000000001426e0 [ 333.730365] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 333.737486] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 333.743926] *** Control State *** [ 333.747622] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 333.754757] EntryControls=0000d1ff ExitControls=002fefff [ 333.760445] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 333.767559] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 14:45:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x15182c}}}) 14:45:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) 14:45:12 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind(r0, &(0x7f0000001140)=@sco={0x1f, {0x401}}, 0x80) 14:45:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:12 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x0) [ 333.774467] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 333.781357] reason=80000021 qualification=0000000000000000 [ 333.788180] IDTVectoring: info=00000000 errcode=00000000 [ 333.794552] TSC Offset = 0xffffff4af41dfafd [ 333.798888] EPT pointer = 0x00000000aa2ea01e 14:45:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff, 0x15182c}}}) 14:45:12 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x20000740}) 14:45:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfecaedfe00000000, 0x15182c}}}) 14:45:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) [ 334.041450] *** Guest State *** [ 334.044787] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 334.109899] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:12 executing program 0: r0 = socket$inet(0x10, 0x802, 0x6) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000020ff0)=[{&(0x7f0000000340)="2f0000001c00037affffff000d0000000200000400000000000003c913000100000000000000008c00c9109411052a", 0x2f}], 0x1}, 0x0) [ 334.150654] CR3 = 0x0000000000000000 [ 334.154615] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 334.169945] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 334.182082] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 334.196797] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.214459] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.230565] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 334.249116] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.296645] netlink: 27 bytes leftover after parsing attributes in process `syz-executor.0'. [ 334.306025] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.335866] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.349859] GDTR: limit=0x00000000, base=0x0000000000000000 [ 334.364924] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.384890] IDTR: limit=0x00000000, base=0x0000000000000000 [ 334.393225] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 334.393237] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 334.393248] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 334.393257] Interruptibility = 00000000 ActivityState = 00000000 [ 334.393262] *** Host State *** [ 334.393279] RIP = 0xffffffff811c8cac RSP = 0xffff888081ff78c0 [ 334.426196] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 334.441014] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 334.458974] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 334.466015] CR0=0000000080050033 CR3=0000000085b1a000 CR4=00000000001426e0 [ 334.473432] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 334.480666] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 334.486881] *** Control State *** 14:45:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd, 0x15182c}}}) 14:45:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00000000000000) 14:45:12 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000240), 0x4) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x20141042, 0x11) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ftruncate(r2, 0x80080) sendfile(r1, r2, 0x0, 0x2008000fffffffe) 14:45:13 executing program 2: mkdir(&(0x7f0000000700)='./file1\x00', 0x0) getpid() mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1\x00']) chdir(&(0x7f0000000040)='./file0\x00') openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000000)=[0x100000000]) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x200600) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c) [ 334.510453] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 334.517481] EntryControls=0000d1ff ExitControls=002fefff [ 334.523204] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 334.530199] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 334.540854] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 334.547979] reason=80000021 qualification=0000000000000000 [ 334.622361] IDTVectoring: info=00000000 errcode=00000000 [ 334.651795] TSC Offset = 0xffffff4a7857341c [ 334.664678] EPT pointer = 0x000000008ef0101e 14:45:13 executing program 5: r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f00000000c0)={0x0, r1, 0xfffffffffffffffe, 0x3, 0xfffffffffffffffb, 0xf1e1}) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x82000, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) r3 = gettid() fcntl$getown(r1, 0x9) tkill(r3, 0x1000000000016) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r2, 0x2) tkill(r0, 0x16) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x503000, 0x0) 14:45:13 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7, 0x15182c}}}) 14:45:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000000000000) 14:45:13 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x70800}}}) 14:45:13 executing program 2: r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000080)=0x10002) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x11, r0, 0x0) remap_file_pages(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0) r1 = creat(&(0x7f0000000580)='./bus\x00', 0x0) ftruncate(r1, 0x2081fc) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) readv(r2, &(0x7f00000042c0)=[{&(0x7f0000004000)=""/233, 0x25e}, {&(0x7f0000001ac0)=""/21, 0x15}, {&(0x7f0000000000)=""/61, 0xfffffde5}], 0x3) [ 334.854236] *** Guest State *** [ 334.869945] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 334.893502] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:13 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x2}}}) [ 334.910036] CR3 = 0x0000000000000000 [ 334.917349] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 334.948920] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 334.960498] audit: type=1400 audit(1555339513.397:139): avc: denied { map } for pid=17191 comm="syz-executor.2" path="/dev/sg0" dev="devtmpfs" ino=15215 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:scsi_generic_device_t:s0 tclass=chr_file permissive=1 [ 334.991616] mmap: syz-executor.2 (17192) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 335.016868] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 335.038261] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:13 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x5}}}) [ 335.050106] audit: type=1804 audit(1555339513.477:140): pid=17192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir529450167/syzkaller.Z3IfDy/189/bus" dev="sda1" ino=16609 res=1 [ 335.082723] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x8004000000000000) [ 335.123028] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 335.177246] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 335.207764] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:13 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xe7}}}) [ 335.225636] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 335.248391] GDTR: limit=0x00000000, base=0x0000000000000000 [ 335.273472] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 335.294804] IDTR: limit=0x00000000, base=0x0000000000000000 [ 335.309946] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 335.324911] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 335.337022] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 335.346961] Interruptibility = 00000000 ActivityState = 00000000 [ 335.354142] *** Host State *** [ 335.357555] RIP = 0xffffffff811c8cac RSP = 0xffff888081ff78c0 [ 335.372075] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 335.390379] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 335.398463] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 335.405988] CR0=0000000080050033 CR3=00000000a8ea3000 CR4=00000000001426f0 [ 335.413844] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 335.421303] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 14:45:13 executing program 0: r0 = memfd_create(&(0x7f0000000600)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) 14:45:13 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000240), 0x4) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x20141042, 0x11) fsetxattr$security_smack_transmute(r0, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x1) ftruncate(r2, 0x80080) sendfile(r1, r2, 0x0, 0x2008000fffffffe) [ 335.427590] *** Control State *** [ 335.432009] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 335.439124] EntryControls=0000d1ff ExitControls=002fefff [ 335.453958] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 335.472872] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 335.490654] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 335.509266] reason=80000021 qualification=0000000000000000 [ 335.518374] IDTVectoring: info=00000000 errcode=00000000 [ 335.529873] TSC Offset = 0xffffff4a06af4c40 [ 335.540247] EPT pointer = 0x0000000080f9801e 14:45:16 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") shutdown(r1, 0x1) poll(0x0, 0x0, 0x77919ce2) gettid() tkill(r0, 0xa) tkill(r0, 0x16) 14:45:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x500}}}) 14:45:16 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x104, 0x209e20, 0x8000000001, 0x1}, 0x3c) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x10020000000, 0x0}, 0x2c) 14:45:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0xffffff7f00000000) 14:45:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319b") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:16 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000240), 0x4) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x20141042, 0x11) fsetxattr$security_smack_transmute(r0, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x1) ftruncate(r2, 0x80080) sendfile(r1, r2, 0x0, 0x2008000fffffffe) 14:45:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x2000}}}) [ 337.851634] *** Guest State *** [ 337.865233] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r1, &(0x7f0000000040), 0xe) listen(r1, 0x0) dup3(r0, r1, 0x0) 14:45:16 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000140)=0x20, 0x4) ioctl(r2, 0x100000000, &(0x7f0000000340)="0adc1f123c123b319b09000f4bd587c743b66e016a1355ee362cf0b55b0435a800aca8665de5315620c05093dbb2a0dc28c907112848609c4e004c5ec200"/75) poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x1) tkill(r0, 0x16) [ 337.933065] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) [ 338.007268] CR3 = 0x0000000000000000 14:45:16 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000240), 0x4) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x20141042, 0x11) write$sndseq(r1, &(0x7f0000000480)=[{0x0, 0x0, 0x0, 0x0, @time={0x0, 0x1c9c380}, {}, {}, @addr}], 0x30) ftruncate(r2, 0x80080) sendfile(r1, r2, 0x0, 0x2008000fffffffe) [ 338.029410] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 338.059610] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:16 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x20000, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) write$evdev(r1, &(0x7f0000000240)=[{{}, 0x11, 0x7f, 0x4}, {{r2, r3/1000+10000}, 0x17, 0x1000000000000000}], 0x30) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000040)="00000000a7c6f8027e0000") r5 = socket(0x10, 0x8000f, 0x2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x5d}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f0000000340)=ANY=[@ANYRES32=r6, @ANYBLOB="7c000000ffa44fc3f209dc079fe40b47d0cd642b7ae8c61278badc8e0b7599afaf70d7011e9d46cc122c0a94d70e3e33508e674562e42aa62ba46b2d3a05000000fc11e5b42a1b18bb4db004b6befba97e18db4f2e694a53f417bf2b1088d28894e1e9e4bbc9418d99ef7629b0261813fb64e0fb5de561f1e82ceacacd3941c1ce589aca571c0f9d7c57c748c807dc79ca28d84687a6bfbc8f7e5165f9371a8413881cf2480e8170209044a59a561d9f20cc3f5a765d2017b46a73a66a574da8c36fcabbd54ad8c786aad18190e54c046855b42d9701f2e88bf1bcd4a7d8a55f1f39df508192770e74e3ad692eece7e9df295d684dc3549836bc842ba308805b0cf09538063003020234ba0e92c79afd4bb35e15a69737937feaad1c8a15e0312682fc3ad7783fb1270c05937048ed4daff282f8bd4c7b47f727f046326c283525bf4c9c682ffc2f51b94b8d735beed77fcb164c2daf3cc03aba4d5fff5c471039908e879df74e5e445d7328da5715ead1fbef"], &(0x7f0000000180)=0x84) poll(0x0, 0x0, 0x77919ce2) r7 = gettid() tkill(r7, 0x1000000000016) tkill(r0, 0x16) [ 338.098095] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xe7ff}}}) [ 338.140402] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.202503] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.238458] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 14:45:16 executing program 5: msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2) r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x100000890f, &(0x7f0000000080)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x16) tkill(r0, 0x16) 14:45:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfdfd}}}) [ 338.283172] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) r4 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x0, 0x2) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r4, 0x10f, 0x84, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 338.334380] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.385266] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.416896] GDTR: limit=0x00000000, base=0x0000000000000000 [ 338.437063] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.466341] IDTR: limit=0x00000000, base=0x0000000000000000 [ 338.499508] *** Guest State *** [ 338.515187] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.517466] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 338.540398] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 338.555592] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 338.564903] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 338.576007] Interruptibility = 00000000 ActivityState = 00000000 [ 338.580869] CR3 = 0x0000000000000000 [ 338.586110] *** Host State *** [ 338.588642] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 338.592440] RIP = 0xffffffff811c8cac RSP = 0xffff8880575278c0 [ 338.603786] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 338.606790] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 338.615163] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 338.621167] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 338.632887] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.635647] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 338.645627] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.649740] CR0=0000000080050033 CR3=00000000928ec000 CR4=00000000001426e0 [ 338.664850] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 338.664988] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 338.675258] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.680027] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 338.693771] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.694521] *** Control State *** [ 338.703599] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.706537] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 338.719230] GDTR: limit=0x00000000, base=0x0000000000000000 [ 338.722105] EntryControls=0000d1ff ExitControls=002fefff [ 338.735582] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.735833] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 338.744186] IDTR: limit=0x00000000, base=0x0000000000000000 [ 338.751884] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 338.764677] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 338.766583] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 338.776255] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 338.783349] reason=80000021 qualification=0000000000000000 [ 338.799345] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 338.803308] IDTVectoring: info=00000000 errcode=00000000 [ 338.817383] Interruptibility = 00000000 ActivityState = 00000000 [ 338.817438] TSC Offset = 0xffffff486e908b10 [ 338.824989] *** Host State *** [ 338.829319] EPT pointer = 0x00000000a00ba01e [ 338.838042] RIP = 0xffffffff811c8cac RSP = 0xffff88805848f8c0 [ 338.844873] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xffe7}}}) 14:45:17 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0xc, @pid}]}, 0x1c}}, 0x0) [ 338.857758] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 338.889226] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 14:45:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x1000000}}}) [ 338.910107] CR0=0000000080050033 CR3=0000000081c03000 CR4=00000000001426f0 [ 338.923708] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 338.944051] *** Guest State *** [ 338.949795] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 338.968816] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 338.985126] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 338.999042] *** Control State *** [ 339.008442] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca 14:45:17 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, 0x0, 0x0) sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x2b5, &(0x7f0000000480)}}], 0x2, 0xe000) [ 339.016337] CR3 = 0x0000000000000000 [ 339.020553] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 339.026873] EntryControls=0000d1ff ExitControls=002fefff [ 339.033359] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 339.040690] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 339.054942] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 339.065707] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 339.074335] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.087496] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 339.094800] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.104792] reason=80000021 qualification=0000000000000000 14:45:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x2000000}}}) [ 339.112002] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 339.120417] IDTVectoring: info=00000000 errcode=00000000 [ 339.127069] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it! [ 339.128867] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.146153] TSC Offset = 0xffffff4812979da9 14:45:17 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r0, &(0x7f0000000040), 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000100), 0x4) [ 339.172189] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.180096] EPT pointer = 0x00000000a94ee01e [ 339.196076] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x5000000}}}) 14:45:17 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x8000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) futex(0x0, 0x400000000000085, 0x0, 0x0, 0x0, 0x0) 14:45:17 executing program 5: r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x18}, 0x10) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) timer_settime(r2, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r4 = gettid() tkill(r4, 0x1000000000016) tkill(r1, 0x16) [ 339.230744] GDTR: limit=0x00000000, base=0x0000000000000000 [ 339.291365] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.329839] IDTR: limit=0x00000000, base=0x0000000000000000 14:45:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000140)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'U+', 0x2}, 0xfffffffffffffede, 0x3) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0adc1f123c123f31dbd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) accept4(r3, 0x0, &(0x7f0000000180), 0x800) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) sched_yield() ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 339.357681] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.385236] EFER = 0x0000000000000000 PAT = 0x0007040600070406 14:45:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x20000000}}}) [ 339.410079] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 339.417858] Interruptibility = 00000000 ActivityState = 00000000 [ 339.498695] *** Host State *** [ 339.512199] RIP = 0xffffffff811c8cac RSP = 0xffff8880575f78c0 [ 339.521714] *** Guest State *** [ 339.526011] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 339.544441] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 339.554603] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 339.555442] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 339.574512] CR3 = 0x0000000000000000 [ 339.579255] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 339.595347] CR0=0000000080050033 CR3=0000000054928000 CR4=00000000001426e0 [ 339.599268] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 339.605193] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 339.616099] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 339.625282] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 339.625415] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 339.633015] *** Control State *** [ 339.644292] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 339.650775] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.652767] EntryControls=0000d1ff ExitControls=002fefff [ 339.666010] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 339.673495] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 339.677598] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.681640] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 339.694410] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 339.695829] reason=80000021 qualification=0000000000000000 [ 339.712278] IDTVectoring: info=00000000 errcode=00000000 [ 339.712715] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.718000] TSC Offset = 0xffffff47d533f0ef [ 339.730801] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.731096] EPT pointer = 0x000000008a67201e 14:45:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:18 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x200042, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000080)=0x7ff, 0x4) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) 14:45:18 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000000000000010000105000600200000000a00000000000000000500e50000070000001f0000000000000300000000000002000100f5000000000000020000000005000500000000000a000000000000000000000000000000001700"/128], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000002, 0x0) 14:45:18 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_hci(r0, 0x0, 0x1, 0x0, &(0x7f0000000180)) 14:45:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xe7ffffff}}}) [ 339.738944] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.757600] GDTR: limit=0x00000000, base=0x0000000000000000 [ 339.766247] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.776800] IDTR: limit=0x00000000, base=0x0000000000000000 14:45:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfdfdffff}}}) 14:45:18 executing program 0: mkdir(&(0x7f0000000700)='./file1\x00', 0x0) getpid() mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x200600) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c) [ 339.842429] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 339.872115] *** Guest State *** [ 339.875965] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 339.898447] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 339.919498] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 339.937116] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfecaedfe}}}) [ 339.945570] Interruptibility = 00000000 ActivityState = 00000000 [ 339.967731] *** Host State *** [ 339.976224] RIP = 0xffffffff811c8cac RSP = 0xffff88805848f8c0 [ 339.983042] CR3 = 0x0000000000000000 [ 339.989288] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 340.002818] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 340.014693] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 340.017697] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 340.039869] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 14:45:18 executing program 2: open(&(0x7f0000000280)='./file0\x00', 0x41, 0x0) r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) write$binfmt_elf64(r1, 0x0, 0x0) rename(&(0x7f0000008500)='./file0\x00', &(0x7f00000001c0)='./file1\x00') getdents(r0, &(0x7f0000000080)=""/10, 0x10000019f) creat(&(0x7f00000000c0)='./file0\x00', 0x0) 14:45:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfeedcafe}}}) [ 340.047955] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 340.064439] CR0=0000000080050033 CR3=000000008a4a9000 CR4=00000000001426e0 [ 340.084422] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.098956] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 340.104503] audit: type=1804 audit(1555339518.537:141): pid=17753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir185533241/syzkaller.3yeTt4/275/memory.events" dev="sda1" ino=17041 res=1 [ 340.112742] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.159419] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 340.173005] *** Control State *** [ 340.176773] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 340.187565] EntryControls=0000d1ff ExitControls=002fefff [ 340.195878] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 340.209427] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 340.219355] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.235640] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 340.255746] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.279101] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 340.286980] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.305596] GDTR: limit=0x00000000, base=0x0000000000000000 [ 340.338856] reason=80000021 qualification=0000000000000000 [ 340.351892] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.377933] IDTVectoring: info=00000000 errcode=00000000 [ 340.390405] IDTR: limit=0x00000000, base=0x0000000000000000 [ 340.399074] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 340.413902] TSC Offset = 0xffffff47876c14da [ 340.418450] EPT pointer = 0x000000008e7dd01e [ 340.424632] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 340.437331] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 340.453858] Interruptibility = 00000000 ActivityState = 00000000 [ 340.472840] *** Host State *** [ 340.477340] RIP = 0xffffffff811c8cac RSP = 0xffff8880648ef8c0 [ 340.484216] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfffffdfd}}}) 14:45:18 executing program 2: clone(0x800000409ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x38) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="fa7900007d93304290ed32e546196d2f8c140000dcff449fb8c1b873745ec1afff12a25edb661e7f06c4b8f92001affc46fe8087aef281241e"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 340.491133] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 340.515911] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 340.522528] CR0=0000000080050033 CR3=00000000a98c4000 CR4=00000000001426e0 [ 340.530148] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 340.549313] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 340.570347] *** Control State *** [ 340.577173] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 340.597415] EntryControls=0000d1ff ExitControls=002fefff 14:45:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd0") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 340.617817] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 340.629206] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 340.636755] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 340.645071] reason=80000021 qualification=0000000000000000 [ 340.652113] IDTVectoring: info=00000000 errcode=00000000 [ 340.658684] TSC Offset = 0xffffff4755a2d454 [ 340.664250] EPT pointer = 0x0000000096cea01e 14:45:19 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x9, 0x200) ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000080)={0xd7c, 0xa9f, 0x1}) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) 14:45:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000040)=0x2, 0x4) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0xc, @pid}]}, 0x1c}}, 0x0) 14:45:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x80540, 0x0) sendto$llc(r4, &(0x7f0000000100)="543bf1febfbdb0161df684a509660be435f5e4b9cf0a8a971a6e25c2af816da5128c887a2ceec2d50fc41ba463ffd532399be1e5a2de45d1b0ea6fc6863b834a22f72a8e9a80746f3e679566415381ef256df73098bca7d4ba1ff685a2f663a37bee8ea4d95e456e20dd26653c8202fb0b743386813db15a52e1512f6df3f5c2536be1b53d92e3efa5", 0x89, 0x14, &(0x7f00000001c0)={0x1a, 0x33f, 0xfffffffffffffffa, 0x2a5b, 0x2, 0xf4b, @random="28da5fe03995"}, 0x10) 14:45:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xffffffe7}}}) [ 340.739461] audit: type=1400 audit(1555339519.167:142): avc: denied { bind } for pid=17949 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 14:45:19 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x800, 0x0, 0xff, 0x100000000000001}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000002c0)={@mcast2, 0x800, 0x1}, 0x20) [ 340.789615] audit: type=1400 audit(1555339519.197:143): avc: denied { setopt } for pid=17949 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 340.860463] *** Guest State *** [ 340.866644] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 340.878994] *** Guest State *** [ 340.887730] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 340.898226] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:19 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = openat$ashmem(0xffffffffffffff9c, 0x0, 0x400001, 0x0) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000001140)=""/4096, 0x1000}, {&(0x7f0000000180)=""/126, 0x7e}, {&(0x7f0000002140)=""/4096, 0x1000}, {&(0x7f0000000200)=""/14, 0xe}], 0x5, 0x0) write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x80000, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, 0x0) perf_event_open(&(0x7f000001d000)={0x8000000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendto$inet(r2, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) r4 = dup2(r2, r2) sendmsg$alg(r4, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000000)="a7ceec29", 0x4}, {0x0}], 0x2}, 0x8005) write$P9_RATTACH(r4, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) sendto$inet(r2, &(0x7f0000000000), 0xfffffdef, 0xc0, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x0) write$uinput_user_dev(r4, 0x0, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000040), 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x0, 0x0, 0x3b9, &(0x7f00000002c0)=ANY=[], 0x641619f0b75f810a}, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r5, 0x890b, &(0x7f0000000140)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e21, @multicast1}, {0x2, 0x0, @multicast2}, 0x80, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1f}) 14:45:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x100000000000000}}}) [ 340.904489] CR3 = 0x0000000000000000 [ 340.938760] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 340.942660] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 340.961945] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 340.980070] CR3 = 0x0000000000000000 [ 340.985244] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 341.000251] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 341.007529] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 341.024518] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x200000000000000}}}) [ 341.032432] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.050328] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.060498] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.074795] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:19 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000040)=0x72, 0x4) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x47, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x3e, 0x4) write$binfmt_elf64(r1, &(0x7f0000002780)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "cbb00c8f8b4a0212223114f361a422ce134492ed042d88e8f556162fa96595b6e146deb72876e005b6096a127ff0f2d6fc1d780685c18449b99ab3c4f3c765e922fb834c51c24bbc889c5047cf98bb0549"}, 0xc9) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='%'], 0x1) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) 14:45:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x500000000000000}}}) [ 341.086919] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 341.099840] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 341.110007] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.118906] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.138594] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.151451] GDTR: limit=0x00000000, base=0x0000000000000000 [ 341.157274] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.160279] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.179958] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.199860] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.209621] GDTR: limit=0x00000000, base=0x0000000000000000 [ 341.218219] IDTR: limit=0x00000000, base=0x0000000000000000 [ 341.238518] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x2000000000000000}}}) [ 341.251454] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.268606] IDTR: limit=0x00000000, base=0x0000000000000000 [ 341.279136] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 341.288993] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 341.297520] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 341.308828] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 341.319228] Interruptibility = 00000000 ActivityState = 00000000 [ 341.326427] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 341.335081] *** Host State *** [ 341.338640] Interruptibility = 00000000 ActivityState = 00000000 [ 341.345197] RIP = 0xffffffff811c8cac RSP = 0xffff8880575f78c0 [ 341.351500] *** Host State *** [ 341.354848] RIP = 0xffffffff811c8cac RSP = 0xffff8880575278c0 [ 341.361130] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 341.367658] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 341.375898] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 341.390099] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 341.398422] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 341.414252] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 341.422697] CR0=0000000080050033 CR3=000000008a4d8000 CR4=00000000001426e0 [ 341.428787] CR0=0000000080050033 CR3=00000000908c2000 CR4=00000000001426f0 [ 341.439824] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 341.447688] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 341.451770] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 341.456990] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 341.468793] *** Control State *** [ 341.472536] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 341.475603] *** Control State *** [ 341.483303] EntryControls=0000d1ff ExitControls=002fefff [ 341.489134] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 341.490401] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 341.496754] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 341.509846] EntryControls=0000d1ff ExitControls=002fefff [ 341.511710] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 341.517110] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 341.524996] reason=80000021 qualification=0000000000000000 [ 341.538282] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 341.538924] IDTVectoring: info=00000000 errcode=00000000 [ 341.546953] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 341.552182] TSC Offset = 0xffffff46d17ea746 [ 341.563235] EPT pointer = 0x000000008c66801e [ 341.566236] reason=80000021 qualification=0000000000000000 [ 341.579828] IDTVectoring: info=00000000 errcode=00000000 [ 341.587556] TSC Offset = 0xffffff46d03cabb8 [ 341.597432] EPT pointer = 0x00000000910b701e 14:45:20 executing program 5: r0 = gettid() r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xcc0, 0x200002) write$P9_RFLUSH(r1, &(0x7f0000000080)={0x7, 0x6d, 0x1}, 0x7) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f00000000c0)) tkill(r0, 0x16) 14:45:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xe7ffffffffffffff}}}) 14:45:20 executing program 2: 14:45:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) r3 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x8000, 0x2000) ioctl$TCGETS2(r3, 0x802c542a, &(0x7f0000000140)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) msgget(0x2, 0x308) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:45:20 executing program 2: [ 341.813602] *** Guest State *** 14:45:20 executing program 0: 14:45:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfdfdffff00000000}}}) 14:45:20 executing program 2: 14:45:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/status\x00', 0x0, 0x0) ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000400)) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r4, 0xc034564b, &(0x7f0000000100)={0x8, 0x3031334d, 0x8000, 0x100, 0x2, @stepwise={{0x9, 0x3}, {0x3b, 0xce4}, {0xffffffffee2667b5, 0x7fff}}}) ioctl$KVM_SET_DEBUGREGS(r4, 0x4080aea2, &(0x7f0000000140)={[0x0, 0x4000, 0xf000, 0x4ffd], 0x7, 0x40, 0x4}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, &(0x7f0000000280)={0x9, 0x3, 0x8, 0x7}, 0x6) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_tcp_buf(r4, 0x6, 0xb, &(0x7f00000001c0)="f23ff3c459d7ba86a6759ff1935d2e75a8d69e6709be961bc2a9d7a7a6dc4353915eb60fee99d439ecd477f2a86a31680da45602c6d77786264540aee666789a7e483bc9291b8d5b114be881bce2f02c29d93c5e1b3bbe1ceba8c692c145a0455a275adf7630071099ce93f220e0e0064740880e6673ab8dcdc6bbbc3de8042ee2e1fa9e565412099ca7ef347f4f0f0fed1c625b1cd71d3e2b10e9c119388a5962699b143ab1388edb415e2b7679462b86cef16a0f1e2da67fee9e", 0xbb) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 341.835004] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 341.862546] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 341.905228] CR3 = 0x0000000000000000 [ 341.920990] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 [ 341.942602] RFLAGS=0x00010046 DR7 = 0x0000000000000400 14:45:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfdfdffffffffffff}}}) [ 341.977936] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 342.005711] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.016147] *** Guest State *** 14:45:20 executing program 2: mkdir(&(0x7f0000000700)='./file1\x00', 0x0) getpid() mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c6531007c778e"]) chdir(&(0x7f0000000040)='./file0\x00') openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000000)=[0x100000000]) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x200600) socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c) [ 342.023323] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 342.042891] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 342.073460] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.075772] CR3 = 0x0000000000000000 [ 342.090825] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 342.102040] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 342.108604] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 342.117081] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 342.130222] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.137981] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.140776] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.155184] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 342.165072] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.169048] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.178129] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.198018] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.198673] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.207241] GDTR: limit=0x00000000, base=0x0000000000000000 [ 342.214904] GDTR: limit=0x00000000, base=0x0000000000000000 [ 342.214925] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.214936] IDTR: limit=0x00000000, base=0x0000000000000000 [ 342.214953] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.214964] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 342.214974] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 342.214982] Interruptibility = 00000000 ActivityState = 00000000 [ 342.214986] *** Host State *** [ 342.215050] RIP = 0xffffffff811c8cac RSP = 0xffff888089b3f8c0 [ 342.224385] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.237763] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 342.243922] IDTR: limit=0x00000000, base=0x0000000000000000 [ 342.251064] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 342.251075] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 342.251087] CR0=0000000080050033 CR3=000000008ba64000 CR4=00000000001426e0 [ 342.251129] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 342.259882] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 342.270997] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 342.274852] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 342.285260] *** Control State *** [ 342.289982] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 342.297661] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 342.309334] Interruptibility = 00000000 ActivityState = 00000000 [ 342.321823] EntryControls=0000d1ff ExitControls=002fefff [ 342.325680] *** Host State *** [ 342.331704] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 342.339946] RIP = 0xffffffff811c8cac RSP = 0xffff88805848f8c0 [ 342.351779] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 342.355721] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 342.366262] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 342.368584] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 342.371469] reason=80000021 qualification=0000000000000000 [ 342.379512] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 342.390952] IDTVectoring: info=00000000 errcode=00000000 [ 342.392838] CR0=0000000080050033 CR3=000000008b1f7000 CR4=00000000001426f0 [ 342.397803] TSC Offset = 0xffffff4630cedd7e [ 342.402260] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 342.413699] EPT pointer = 0x00000000a45b101e [ 342.415597] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 342.436762] *** Control State *** [ 342.451147] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 342.482049] EntryControls=0000d1ff ExitControls=002fefff 14:45:21 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x17, 0x12d00) syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x317c, 0x100) 14:45:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000080)='io.max\x00', 0x2, 0x0) write$cgroup_int(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="373a32094bb7c0b2cef4cfb889a16ae67778d815f15cfbae030c378f8577655d949c7b87b344"], 0x26) 14:45:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfecaedfe00000000}}}) [ 342.493010] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 342.512873] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 342.555304] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 342.567238] reason=80000021 qualification=0000000000000000 [ 342.575022] IDTVectoring: info=00000000 errcode=00000000 [ 342.596632] TSC Offset = 0xffffff464fb8224e [ 342.621959] EPT pointer = 0x0000000082d8d01e 14:45:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000000c0)={0x2000ec3, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xda, 0x60040) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000200)={r5, 0x2}, 0x8) ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x4, 0x20000) ioctl$UI_SET_KEYBIT(r6, 0x40045565, 0x2c4) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:21 executing program 2: 14:45:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xfffffffffffffdfd}}}) 14:45:21 executing program 0: 14:45:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0xffffffffffffffe7}}}) 14:45:21 executing program 0: 14:45:21 executing program 2: 14:45:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x200000000007d, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0xfffffffffffffef0, 0x0, 0x0, 0x0) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dlm_plock\x00', 0x2, 0x0) ioctl$VIDIOC_QUERYMENU(r4, 0xc02c5625, &(0x7f0000000600)={0x7, 0x0, @name="a86eff99e21684fac385abe9ddd102fecf79965f644969d0060281dfab53e6b1"}) socket$kcm(0x29, 0x5, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80020401}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x12c, r5, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x8, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x5c, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffffffffffb}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xd1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x800}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}]}, @TIPC_NLA_BEARER={0xc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_LINK={0x34, 0x4, [@TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NET={0x50, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7ff}]}, @TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffffffffffffffff}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x101}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x20004004}, 0x8000) syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = semget(0x1, 0x0, 0x22) semop(r6, &(0x7f0000000440)=[{0x0, 0x9, 0x1800}, {0x2, 0x20, 0x1000}, {0x3, 0x5, 0x1800}, {0x3, 0x5, 0x800}, {0x1, 0x1ff, 0x1000}, {0x3, 0x8b7}, {0x7, 0x7, 0x1000}, {0x5, 0x1, 0x1800}], 0x8) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) r7 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x9, 0x1) ioctl$LOOP_GET_STATUS64(r7, 0x4c05, &(0x7f0000000500)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 342.904864] *** Guest State *** [ 342.923375] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 342.968297] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 342.987219] CR3 = 0x0000000000000000 [ 343.019122] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 [ 343.058977] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 343.076345] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 343.083808] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.094230] *** Guest State *** [ 343.095467] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.098575] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 343.106751] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 343.121108] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 343.124155] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.138449] CR3 = 0x0000000000000000 [ 343.141216] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.148431] RSP = 0x0000000000001fc4 RIP = 0x0000000000003e05 [ 343.153235] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.164882] RFLAGS=0x00010006 DR7 = 0x0000000000000400 [ 343.167948] GDTR: limit=0x00000000, base=0x0000000000000000 [ 343.180575] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 343.182415] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.189113] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.197379] IDTR: limit=0x00000000, base=0x0000000000000000 [ 343.211047] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.213752] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.227105] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 343.230126] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 343.238134] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.244875] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 343.257990] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.260810] Interruptibility = 00000000 ActivityState = 00000000 [ 343.269054] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.275637] *** Host State *** [ 343.287711] RIP = 0xffffffff811c8cac RSP = 0xffff88805919f8c0 [ 343.289217] GDTR: limit=0x00000000, base=0x0000000000000000 [ 343.294382] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 343.304086] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.309637] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 343.324579] IDTR: limit=0x00000000, base=0x0000000000000000 [ 343.326530] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 343.334217] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.341122] CR0=0000000080050033 CR3=00000000a961d000 CR4=00000000001426f0 [ 343.353899] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 343.356909] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 343.363284] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 343.370501] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 343.382611] Interruptibility = 00000000 ActivityState = 00000000 [ 343.384226] *** Control State *** [ 343.395242] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 343.398639] *** Host State *** [ 343.402685] EntryControls=0000d1ff ExitControls=002fefff [ 343.405503] RIP = 0xffffffff811c8cac RSP = 0xffff88805848f8c0 [ 343.411919] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 343.422804] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 343.425197] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 343.431387] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 343.438578] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 343.452378] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 343.454375] reason=80000021 qualification=0000000000000000 [ 343.459378] CR0=0000000080050033 CR3=0000000082ff3000 CR4=00000000001426e0 [ 343.467026] IDTVectoring: info=00000000 errcode=00000000 [ 343.478197] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 343.479094] TSC Offset = 0xffffff45bbf3752c [ 343.485702] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 343.492412] EPT pointer = 0x00000000a079501e [ 343.501580] *** Control State *** [ 343.505854] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 343.513142] EntryControls=0000d1ff ExitControls=002fefff [ 343.518797] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 343.531254] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 343.539038] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 343.549045] reason=80000021 qualification=0000000000000000 [ 343.570345] IDTVectoring: info=00000000 errcode=00000000 14:45:22 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getegid() setsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100)={r0, r3, r4}, 0xc) tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x2}}}) 14:45:22 executing program 0: 14:45:22 executing program 2: 14:45:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:22 executing program 0: [ 343.582601] TSC Offset = 0xffffff45a08057f4 [ 343.587838] EPT pointer = 0x000000008a38701e 14:45:22 executing program 2: 14:45:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x5}}}) [ 343.718159] *** Guest State *** [ 343.739360] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x5, 0x2) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r4, 0x80045301, &(0x7f0000000100)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:22 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x200, 0x8000) [ 343.786794] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 343.827090] CR3 = 0x0000000000000000 14:45:22 executing program 2: 14:45:22 executing program 0: 14:45:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xe7}}}) [ 343.838826] RSP = 0x0000000000000f7c RIP = 0x0000000000000007 [ 343.846274] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 343.853158] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 343.866203] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.893238] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 343.949457] *** Guest State *** [ 343.966491] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 343.975844] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:22 executing program 0: 14:45:22 executing program 2: 14:45:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x500}}}) [ 343.994508] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 344.009529] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.025633] CR3 = 0x0000000000000000 [ 344.034611] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 344.065111] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.092710] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.117805] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 344.124419] GDTR: limit=0x00000000, base=0x0000000000000000 [ 344.132952] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 344.150839] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.159438] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.172058] IDTR: limit=0x00000000, base=0x0000000000000000 [ 344.186072] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.195493] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.203950] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 344.212168] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 344.221882] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.230364] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 344.230374] Interruptibility = 00000000 ActivityState = 00000000 [ 344.230379] *** Host State *** [ 344.230390] RIP = 0xffffffff811c8cac RSP = 0xffff88805b7478c0 [ 344.230410] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 344.230420] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 344.230433] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 344.268961] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.285131] CR0=0000000080050033 CR3=000000008a0e3000 CR4=00000000001426e0 [ 344.292791] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 344.294666] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.300417] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 344.314346] GDTR: limit=0x00000000, base=0x0000000000000000 [ 344.315107] *** Control State *** [ 344.324434] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.326645] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 344.339660] IDTR: limit=0x00000000, base=0x0000000000000000 [ 344.342414] EntryControls=0000d1ff ExitControls=002fefff [ 344.354930] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.356899] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 344.365354] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 344.371591] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 344.383223] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 344.385077] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 344.394285] Interruptibility = 00000000 ActivityState = 00000000 [ 344.399974] reason=80000021 qualification=0000000000000000 [ 344.413219] *** Host State *** [ 344.414716] IDTVectoring: info=00000000 errcode=00000000 [ 344.418087] RIP = 0xffffffff811c8cac RSP = 0xffff8880577178c0 [ 344.424292] TSC Offset = 0xffffff4549ba27f6 [ 344.434872] EPT pointer = 0x000000008a8aa01e [ 344.435520] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 344.446205] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 344.464852] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 14:45:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:22 executing program 0: 14:45:22 executing program 2: 14:45:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x2000}}}) [ 344.475799] CR0=0000000080050033 CR3=000000008f8d5000 CR4=00000000001426e0 [ 344.513615] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 344.556504] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 344.599077] *** Control State *** [ 344.606372] *** Guest State *** [ 344.620846] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 344.630071] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 344.638285] EntryControls=0000d1ff ExitControls=002fefff [ 344.638545] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 344.653947] CR3 = 0x0000000000000000 [ 344.656441] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 344.665380] RSP = 0x0000000000000f80 RIP = 0x0000000000002000 [ 344.666617] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 344.678936] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 344.684462] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 344.686087] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 344.697142] reason=80000021 qualification=0000000000000000 [ 344.699144] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.710360] IDTVectoring: info=00000000 errcode=00000000 [ 344.714948] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.724076] TSC Offset = 0xffffff452df7e0e0 [ 344.728966] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 344.733838] EPT pointer = 0x0000000095c8b01e [ 344.742206] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.755434] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.764866] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.773736] GDTR: limit=0x00000000, base=0x0000000000000000 [ 344.782720] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.791652] IDTR: limit=0x00000000, base=0x0000000000000000 14:45:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 344.800924] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 344.809283] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 344.816492] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 344.827221] Interruptibility = 00000000 ActivityState = 00000000 [ 344.834457] *** Host State *** [ 344.838229] RIP = 0xffffffff811c8cac RSP = 0xffff8880a86df8c0 14:45:23 executing program 5: r0 = gettid() prctl$PR_GET_FPEMU(0x9, &(0x7f0000000040)) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:23 executing program 2: 14:45:23 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xe7ff}}}) 14:45:23 executing program 0: [ 344.851471] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 344.886203] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 14:45:23 executing program 2: 14:45:23 executing program 0: [ 344.925318] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 344.932451] CR0=0000000080050033 CR3=0000000087fb0000 CR4=00000000001426f0 [ 344.940644] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 14:45:23 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfdfd}}}) [ 345.013155] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 345.028495] *** Guest State *** [ 345.044803] *** Control State *** [ 345.048675] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 345.052334] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 345.063711] EntryControls=0000d1ff ExitControls=002fefff [ 345.078643] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 345.102285] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 345.103986] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 345.114797] CR3 = 0x0000000000000000 [ 345.125175] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 345.127584] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 345.132304] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 345.139412] reason=80000021 qualification=0000000000000000 [ 345.145675] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 345.163401] IDTVectoring: info=00000000 errcode=00000000 [ 345.168956] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.168975] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.192851] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 345.205418] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.206401] TSC Offset = 0xffffff44cfa73067 [ 345.215564] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.225481] EPT pointer = 0x00000000a826501e [ 345.231417] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.240963] GDTR: limit=0x00000000, base=0x0000000000000000 [ 345.249547] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:23 executing program 2: 14:45:23 executing program 0: 14:45:23 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xffe7}}}) [ 345.263554] IDTR: limit=0x00000000, base=0x0000000000000000 [ 345.273198] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.315684] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 345.341281] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 345.364439] Interruptibility = 00000000 ActivityState = 00000000 [ 345.387088] *** Host State *** [ 345.392187] *** Guest State *** [ 345.398842] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 345.415747] RIP = 0xffffffff811c8cac RSP = 0xffff88809955f8c0 [ 345.419554] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 345.432454] CR3 = 0x0000000000000000 [ 345.439162] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 345.440655] RSP = 0x0000000000000f80 RIP = 0x0000000000002000 [ 345.453185] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 345.454630] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 345.464011] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 345.469513] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 345.475047] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.486923] CR0=0000000080050033 CR3=0000000093f67000 CR4=00000000001426e0 [ 345.490447] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.497041] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 345.505917] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 345.517428] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 345.520943] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.526660] *** Control State *** [ 345.535466] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.544855] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 345.548471] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.554886] EntryControls=0000d1ff ExitControls=002fefff [ 345.563592] GDTR: limit=0x00000000, base=0x0000000000000000 [ 345.575264] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 345.579951] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.587525] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 345.596288] IDTR: limit=0x00000000, base=0x0000000000000000 [ 345.607746] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 345.611947] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 345.618343] reason=80000021 qualification=0000000000000000 [ 345.626725] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 345.638097] IDTVectoring: info=00000000 errcode=00000000 [ 345.639804] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 345.645319] TSC Offset = 0xffffff4497a28639 [ 345.653055] Interruptibility = 00000000 ActivityState = 00000000 [ 345.662502] EPT pointer = 0x000000008b73d01e [ 345.664490] *** Host State *** [ 345.672265] RIP = 0xffffffff811c8cac RSP = 0xffff8880a8ccf8c0 [ 345.678350] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 345.685259] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 345.698631] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 345.705523] CR0=0000000080050033 CR3=0000000093a86000 CR4=00000000001426e0 14:45:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$media(&(0x7f0000000140)='/dev/media#\x00', 0x4, 0x0) ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f00000001c0)={0x55, 0x8, 0x1f, {0x100000001, 0xfff}, {0x5, 0xffffffffffffff99}, @period={0x58, 0x17a3, 0x100, 0x2, 0xff, {0x1d56c1c5, 0x3, 0xfffffffffffffffe, 0x80000001}, 0x9, &(0x7f0000000180)=[0xbd, 0x5, 0x8, 0xeb3, 0x2, 0x1ff, 0x8001, 0x8, 0x4]}}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) pwrite64(r0, &(0x7f0000000100)="6bef0c459294fad342d3be427ff67c62ca2ea15442a108f41b", 0x19, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, &(0x7f0000000200)=0xffff, 0x4) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$IOC_PR_RELEASE(r2, 0x401070ca, &(0x7f0000000240)={0x7, 0xffffffffffff1d92}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 345.715251] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 345.726814] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 345.736277] *** Control State *** [ 345.743728] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 345.763531] EntryControls=0000d1ff ExitControls=002fefff [ 345.775010] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 345.792121] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 345.797832] *** Guest State *** [ 345.805693] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 14:45:24 executing program 5: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x75) r1 = gettid() ioctl$NBD_SET_BLKSIZE(r0, 0xab01, 0x80) tkill(r1, 0x1000000000016) tkill(r1, 0x6) r2 = dup3(r0, r0, 0x80000) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000040)={0x8d6598a, 0x8000, 0x4, 0xd38b, 0x0}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={r3, 0xffffffffffff8000}, 0x8) 14:45:24 executing program 0: 14:45:24 executing program 2: 14:45:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x1000000}}}) [ 345.806748] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 345.824471] reason=80000021 qualification=0000000000000000 [ 345.824648] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 345.833108] IDTVectoring: info=00000000 errcode=00000000 14:45:24 executing program 0: [ 345.889939] TSC Offset = 0xffffff446371ab2e [ 345.898705] CR3 = 0x0000000000000000 [ 345.906220] EPT pointer = 0x000000008e16501e [ 345.907690] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:24 executing program 2: [ 345.937603] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x2000000}}}) [ 345.979504] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:24 executing program 0: 14:45:24 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ptrace$setopts(0x4206, r0, 0x10001, 0x1100001) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 346.024659] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:24 executing program 2: [ 346.090679] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.140580] *** Guest State *** [ 346.144191] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 346.158290] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 346.174629] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.193418] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 346.206303] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.222368] CR3 = 0x0000000000000000 [ 346.226304] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.239649] RSP = 0x0000000000000f80 RIP = 0x0000000000002000 [ 346.247729] GDTR: limit=0x00000000, base=0x0000000000000000 [ 346.268852] RFLAGS=0x00010046 DR7 = 0x0000000000000400 [ 346.283368] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 346.291673] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.300082] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.300103] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.300121] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 346.317701] IDTR: limit=0x00000000, base=0x0000000000000000 [ 346.331520] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.333426] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.344775] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.351510] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 346.363252] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.365317] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 346.374283] GDTR: limit=0x00000000, base=0x0000000000000000 [ 346.382211] Interruptibility = 00000000 ActivityState = 00000000 [ 346.394465] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.396085] *** Host State *** [ 346.405142] IDTR: limit=0x00000000, base=0x0000000000000000 [ 346.408808] RIP = 0xffffffff811c8cac RSP = 0xffff88809955f8c0 [ 346.422501] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 346.424239] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 346.434673] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 346.439824] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 346.448552] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 346.454241] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 346.466876] Interruptibility = 00000000 ActivityState = 00000000 [ 346.468167] CR0=0000000080050033 CR3=0000000099519000 CR4=00000000001426e0 [ 346.474129] *** Host State *** [ 346.481771] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 346.489636] RIP = 0xffffffff811c8cac RSP = 0xffff88805a9cf8c0 [ 346.492775] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 346.505065] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 346.509711] *** Control State *** [ 346.518596] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 346.523166] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 346.535306] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 346.542039] EntryControls=0000d1ff ExitControls=002fefff [ 346.548283] CR0=0000000080050033 CR3=0000000093266000 CR4=00000000001426e0 [ 346.554173] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 346.566623] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 346.569617] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 346.576124] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 346.589426] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 346.599281] *** Control State *** [ 346.602583] reason=80000021 qualification=0000000000000000 [ 346.602953] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 346.609773] IDTVectoring: info=00000000 errcode=00000000 [ 346.623595] EntryControls=0000d1ff ExitControls=002fefff [ 346.624221] TSC Offset = 0xffffff44291d24ce [ 346.629369] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 346.634190] EPT pointer = 0x0000000093c4701e [ 346.645943] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 346.653184] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 346.672404] reason=80000021 qualification=0000000000000000 [ 346.678885] IDTVectoring: info=00000000 errcode=00000000 [ 346.684940] TSC Offset = 0xffffff43fe4c0ddd [ 346.689628] EPT pointer = 0x000000008f36701e 14:45:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3, 0x626}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x5000000}}}) 14:45:25 executing program 0: 14:45:25 executing program 2: 14:45:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:25 executing program 0: 14:45:25 executing program 2: 14:45:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x20000000}}}) [ 346.846350] *** Guest State *** [ 346.850120] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 346.859182] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:25 executing program 0: [ 346.929161] CR3 = 0x0000000000000000 14:45:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:25 executing program 5: r0 = gettid() timer_create(0x2, &(0x7f0000044000)={0x0, 0x16, 0xfffffffffffffffc, @thr={&(0x7f0000000340)="7b16d8b14d110c06fa81327d44be9554dc986cc17f58ec1bb4c293d7cfb6e4d35fab8f244756a68d81547c5d9d3abe89a6ffbae421102079c16f75dbb0cbc826587fa7ab098c577d8020b2b5ff2a39d7cac33de5356174e0a069dcb7bec274f81b95d41e268d9f27aa057e465d61b9e1da835c4c5be84ef4b7cddc58e4eeef07af449797fc20d2b4420106f85d2f050d11207a099c74b0383a8e7ba2f4b4c3559d0713b279875485e0cc2fc151930ab0ce1d3549e2a0757342f14100dae3ad37bf41ce261ca57eef2c", &(0x7f0000000440)="97d748684d0dba50cfafe81e9d22d7f4dc7b0b7dac5d27036cc40b236318a10827242d49f92bc0fcfb43d769a7f5f7bf98367dd70bb5a52234e027713a945d63c6d7f26e804ab384e86e488674e4fae994615a76188538e55302f52acc3956402b3a7ba79c25e4a39e41"}}, &(0x7f00000002c0)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = syz_open_dev$amidi(&(0x7f00000004c0)='/dev/amidi#\x00', 0x100000001, 0x400000) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000500)="c661e50711be5bec1f12ff38910f50bd18076fd1d927dabd56bf6729e272bbd7d06a1027b55c072508e882996a02c025c77f70985982bd7c8e6ed185c8db1e2e2188eaae4f0362c33822dcaad404cef594bb1c10b7f4f71fe90f7a87967f26d44c138d6b556b446a77d789ae74234d27bdea1594414da6f541fe5c89eb1a48327b13") r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="4adc1f123c123f318e7e11") poll(0x0, 0x0, 0x77919ce2) timer_create(0x7, &(0x7f0000000200)={0x0, 0x1c, 0x2, @thr={&(0x7f0000000040)="2006237701a27a54cc814797f1e6db929ddf1d2021c106a3e8ac5f33583f702ef2f438b6b3c4d2946822ec56e1b77212668eb9ccd40a85ea5460a1c4c24f97ccacc8fbcd8f809c77b9585f799842e20e42d8c120b36b2d9a672480b7cf9dab372036796eea79b6171c9be0c4a99f7891839c3eb18593ad536ac5c3c8c5391479fa74700684b46bd89facdd3e6159a355f6e763b5412aba16d5846259a4df89105825932d6e3f7300b84861db68ef96c5e0700de5c07b2a5a00997726f7696372e9c31ef05c", &(0x7f0000000140)="ca790475e4e4cc9616d289dbb2434b5d78193500383d02d2059f53123c6f9261258e76805cb00abf3fa97ee84d5b32ac0eae00e285d596218a47a00fda4fe0f6a3641538415c514c9d865ed9d19b2a559061bc3f1748e04e07a7a9cebdc4d1d6b6ceadd9b14ecf9b4a98495c76d84b681d7e1549d966e4cc48085bd25e9aeb170d23648c271c7f6e4fcbef9e8585172cf0284f"}}, &(0x7f0000000240)) r3 = gettid() tkill(r3, 0x1000000000016) r4 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0xfffffffffffffff7, 0x10000) mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x810, r4, 0x21) tkill(r0, 0x16) 14:45:25 executing program 2: [ 346.964765] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 347.018043] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 347.088569] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 347.108294] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.153006] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.194168] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 347.203934] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.213500] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.222936] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.232974] GDTR: limit=0x00000000, base=0x0000000000000000 [ 347.241651] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.250015] IDTR: limit=0x00000000, base=0x0000000000000000 [ 347.258214] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.266292] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 347.272901] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 347.281225] Interruptibility = 00000000 ActivityState = 00000000 [ 347.287690] *** Host State *** [ 347.291945] RIP = 0xffffffff811c8cac RSP = 0xffff88805a9cf8c0 [ 347.297956] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 347.304828] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 347.313515] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 347.320170] CR0=0000000080050033 CR3=000000008a64d000 CR4=00000000001426e0 [ 347.327828] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 347.334667] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 347.340788] *** Control State *** [ 347.344450] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 347.352279] EntryControls=0000d1ff ExitControls=002fefff [ 347.358375] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 347.368525] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 347.375546] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 347.385012] reason=80000021 qualification=0000000000000000 14:45:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xe7ffffff}}}) [ 347.392376] IDTVectoring: info=00000000 errcode=00000000 [ 347.398301] TSC Offset = 0xffffff439a4f2b7c [ 347.404593] EPT pointer = 0x0000000091bcd01e 14:45:25 executing program 2: 14:45:25 executing program 0: 14:45:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:25 executing program 0: 14:45:25 executing program 2: 14:45:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfdfdffff}}}) [ 347.572797] *** Guest State *** 14:45:26 executing program 2: [ 347.599874] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 347.618780] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 347.657665] CR3 = 0x0000000000000000 [ 347.690428] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 347.706628] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 347.720389] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 347.798190] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.826313] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.842352] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 347.856635] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.856654] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.856670] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.856682] GDTR: limit=0x00000000, base=0x0000000000000000 [ 347.856698] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.856710] IDTR: limit=0x00000000, base=0x0000000000000000 [ 347.856730] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 347.990176] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 348.004030] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 348.026240] Interruptibility = 00000000 ActivityState = 00000000 [ 348.045816] *** Host State *** [ 348.051376] RIP = 0xffffffff811c8cac RSP = 0xffff888057a278c0 [ 348.067032] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 348.088995] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 348.103745] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 348.114383] CR0=0000000080050033 CR3=000000008a64d000 CR4=00000000001426f0 [ 348.122352] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 348.136484] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 348.147161] *** Control State *** [ 348.153517] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 348.169049] EntryControls=0000d1ff ExitControls=002fefff [ 348.192723] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 348.204596] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 348.217810] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 348.229216] reason=80000021 qualification=0000000000000000 [ 348.243754] IDTVectoring: info=00000000 errcode=00000000 [ 348.255236] TSC Offset = 0xffffff433866ee91 [ 348.276396] EPT pointer = 0x00000000a8efa01e 14:45:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfecaedfe}}}) 14:45:28 executing program 0: 14:45:28 executing program 2: 14:45:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:28 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r3 = gettid() tkill(r3, 0x8001000000000012) tkill(r0, 0x16) 14:45:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) munmap(&(0x7f000002f000/0x2000)=nil, 0x2000) ioctl(r3, 0x1000008912, &(0x7f0000000100)="0adc1f123d62743f40a5bbf9f23c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x8000, 0x0) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)={0xac, r5, 0x100, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xeac}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x51}, @IPVS_CMD_ATTR_DAEMON={0x78, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip_vti0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x40040}, 0x90) fsetxattr$security_selinux(r1, &(0x7f00000000c0)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:hald_dccm_exec_t:s0\x00', 0x26, 0x3) socket$packet(0x11, 0x3, 0x300) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:28 executing program 2: 14:45:28 executing program 0: 14:45:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfeedcafe}}}) 14:45:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 350.172545] *** Guest State *** [ 350.175899] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 350.237321] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 350.259786] net_ratelimit: 1 callbacks suppressed [ 350.259795] protocol 88fb is buggy, dev hsr_slave_0 [ 350.259814] protocol 88fb is buggy, dev hsr_slave_1 [ 350.264784] protocol 88fb is buggy, dev hsr_slave_1 14:45:28 executing program 2: 14:45:28 executing program 0: add_key(&(0x7f0000000140)='logon\x00', &(0x7f0000000180)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) [ 350.288049] CR3 = 0x0000000000000000 [ 350.305412] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 350.317854] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfffffdfd}}}) [ 350.334743] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 350.348770] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:28 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x100000000000000, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {}, {}]}, 0x108) 14:45:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xffffffe7}}}) [ 350.397668] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 350.436908] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 350.477329] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 350.530749] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 350.582392] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 350.601959] kvm: emulating exchange as write [ 350.629350] GDTR: limit=0x00000000, base=0x0000000000000000 [ 350.663581] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 350.675607] IDTR: limit=0x00000000, base=0x0000000000000000 [ 350.684470] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 350.693600] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 350.700753] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 350.712931] Interruptibility = 00000000 ActivityState = 00000000 [ 350.722549] *** Host State *** [ 350.726030] RIP = 0xffffffff811c8cac RSP = 0xffff888060a378c0 [ 350.732918] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 350.740428] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 350.749043] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 350.755659] CR0=0000000080050033 CR3=0000000082585000 CR4=00000000001426e0 [ 350.763425] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 350.770557] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 350.777394] *** Control State *** [ 350.781439] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 350.788900] EntryControls=0000d1ff ExitControls=002fefff [ 350.794459] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 350.801671] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 350.809567] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 350.816855] reason=80000021 qualification=0000000000000000 [ 350.819801] protocol 88fb is buggy, dev hsr_slave_0 [ 350.823424] IDTVectoring: info=00000000 errcode=00000000 [ 350.828559] protocol 88fb is buggy, dev hsr_slave_1 [ 350.834117] TSC Offset = 0xffffff41d7770cd6 [ 350.844350] EPT pointer = 0x00000000a93bc01e 14:45:29 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000009340)=[{{0xffffffffffffffff, 0x0, &(0x7f0000003280)=[{&(0x7f0000002180)=""/113, 0x71}, {&(0x7f0000002200)=""/66, 0x42}, {&(0x7f0000002280)=""/4096, 0x1000}, {&(0x7f0000001e40)=""/64, 0x40}], 0x4, &(0x7f00000032c0)=""/224, 0xe0, 0x9}, 0xfffffffffffffffe}, {{&(0x7f00000034c0)=@sco, 0x80, &(0x7f0000003700)=[{&(0x7f0000003540)=""/187, 0xbb}, {&(0x7f0000003600)=""/253, 0xfd}], 0x2, &(0x7f0000003740)=""/165, 0xa5}, 0x5}, {{&(0x7f0000003980)=@ipx, 0x80, &(0x7f0000005bc0)=[{&(0x7f0000003a00)=""/181, 0xb5}, {&(0x7f0000005b00)=""/119, 0x77}, {&(0x7f0000005b80)=""/23, 0x17}], 0x3, &(0x7f0000005c40)=""/4096, 0x1000}, 0x8}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000006f00)=""/245, 0xf5, 0x1000}}], 0x4, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x34e, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) [ 350.951279] *** Guest State *** [ 350.955361] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 350.965909] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 350.977758] CR3 = 0x0000000000000000 [ 350.981689] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 350.987821] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 351.001178] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 351.008237] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.020767] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.029136] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 351.037692] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.048040] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.056742] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.065509] GDTR: limit=0x00000000, base=0x0000000000000000 [ 351.073845] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.083205] IDTR: limit=0x00000000, base=0x0000000000000000 [ 351.091709] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.099996] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 351.107398] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 351.115097] Interruptibility = 00000000 ActivityState = 00000000 [ 351.121548] *** Host State *** [ 351.125009] RIP = 0xffffffff811c8cac RSP = 0xffff88805a9af8c0 [ 351.135803] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 351.142907] FSBase=00007f43d5ac7700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 351.156963] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 351.163960] CR0=0000000080050033 CR3=0000000082585000 CR4=00000000001426e0 [ 351.177100] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 351.184240] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 351.196556] *** Control State *** [ 351.200610] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 351.207536] EntryControls=0000d1ff ExitControls=002fefff [ 351.219353] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 351.226895] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 351.239900] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 351.247039] reason=80000021 qualification=0000000000000000 [ 351.259600] IDTVectoring: info=00000000 errcode=00000000 [ 351.265843] TSC Offset = 0xffffff416cfaf7ca [ 351.276354] EPT pointer = 0x000000009a0dc01e 14:45:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x0, 0x200001) ioctl$ASHMEM_GET_NAME(r3, 0x81007702, &(0x7f0000000100)=""/146) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r3, r3, &(0x7f000002f000/0x18000)=nil, 0x0, 0xfffffffffffffe2f, 0x0, 0x0, 0x0) ioctl$BLKIOOPT(r3, 0x1279, &(0x7f00000001c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x100000000000000}}}) 14:45:29 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() r4 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x2040, 0x40) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r4, 0xc1105511, &(0x7f0000000340)={{0x9, 0x5, 0x69, 0xfffffffffffffffc, 'syz0\x00', 0x9}, 0x1, 0x300, 0x1004, r3, 0x7, 0x5, 'syz1\x00', &(0x7f00000001c0)=['\x00', 'proc^\x00', '\x00', 'keyring-\x00', '+systemnodev)*cpuset\x00', '\xfaposix_acl_access]\x00', '\x00'], 0x3a, [], [0x3, 0x6, 0x7, 0x608]}) ptrace$pokeuser(0x6, r3, 0xfffffffffffffffc, 0x6) tkill(r3, 0x1000000000016) tkill(r0, 0x16) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0xc100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x28, r5, 0x0, 0x70bd28, 0x25dfdbfd, {{}, 0x0, 0x410c, 0x0, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x4048881) nanosleep(&(0x7f0000000200), &(0x7f0000000240)) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@loopback, @in6=@local}}, {{@in=@loopback}, 0x0, @in=@empty}}, &(0x7f0000000140)=0xe8) 14:45:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x200000000000000}}}) [ 351.428415] *** Guest State *** [ 351.433325] *** Guest State *** [ 351.438198] *** Guest State *** [ 351.446476] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 351.446485] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 351.446500] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:29 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl(r1, 0x4, &(0x7f0000000040)="51d688594f30d81a7c994af3337989166fdfa03286197fe177374742a8035e02df4fedd7ac2b31a59fe927372d0dbbf4a0001db9bf82217e055167cbb01b905845d2138831437f69e3dba14c2e2c920b6e3e472bbc4548b25021cf62697bdd31a9da888f6ca00f9a5c3cf582c3e926e742d0d31ccb740aaba506f3") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 351.482142] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 351.492508] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 351.500919] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 351.516779] CR3 = 0x0000000000000000 [ 351.521791] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 351.530489] CR3 = 0x0000000000000000 [ 351.535003] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 351.543485] CR3 = 0x0000000000000000 [ 351.547603] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 351.554548] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 351.561203] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 351.569415] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 351.578585] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 351.585474] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 351.593222] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 351.602193] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.611176] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.621050] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x500000000000000}}}) [ 351.630057] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.638322] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.647081] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.656033] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 351.664807] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 351.674110] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.683436] SS: sel=0x0000, attr=0x08081, limit=0x00000000, base=0x0000000000000000 [ 351.692203] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.701027] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.712554] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.721515] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.738083] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.761123] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.776859] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.799125] GDTR: limit=0x00000000, base=0x0000000000000000 [ 351.824290] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.834423] GDTR: limit=0x00000000, base=0x0000000000000000 [ 351.853550] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.868040] GDTR: limit=0x00000000, base=0x0000000000000000 [ 351.879983] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x2000000000000000}}}) 14:45:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000000c0)={0x2000ec3, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xda, 0x60040) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000200)={r5, 0x2}, 0x8) ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x4, 0x20000) ioctl$UI_SET_KEYBIT(r6, 0x40045565, 0x2c4) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 351.899062] IDTR: limit=0x00000000, base=0x0000000000000000 [ 351.911927] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.915563] IDTR: limit=0x00000000, base=0x0000000000000000 [ 351.925667] IDTR: limit=0x00000000, base=0x0000000000000000 [ 351.939623] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.954555] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 351.961386] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 351.966283] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 351.969135] Interruptibility = 00000000 ActivityState = 00000000 [ 351.984246] *** Host State *** [ 351.987595] RIP = 0xffffffff811c8cac RSP = 0xffff888048f578c0 [ 351.994405] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 352.002144] FSBase=00007f00afa20700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 352.013251] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.029099] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 352.040089] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:45:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xe7ffffffffffffff}}}) [ 352.064581] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 352.064955] Interruptibility = 00000000 ActivityState = 00000000 [ 352.084449] CR0=0000000080050033 CR3=000000009225d000 CR4=00000000001426f0 [ 352.089448] *** Host State *** [ 352.095340] RIP = 0xffffffff811c8cac RSP = 0xffff88805a1b78c0 [ 352.102645] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 352.110905] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 352.113861] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 352.117984] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 352.133623] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 352.135985] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 352.142415] Interruptibility = 00000000 ActivityState = 00000000 [ 352.154039] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 352.154054] CR0=0000000080050033 CR3=00000000a95ce000 CR4=00000000001426e0 [ 352.154069] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 352.160828] *** Host State *** [ 352.176013] *** Control State *** [ 352.194086] RIP = 0xffffffff811c8cac RSP = 0xffff888056bcf8c0 [ 352.200839] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 352.203493] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 352.208128] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 352.222774] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 352.228239] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 352.229418] CR0=0000000080050033 CR3=0000000082585000 CR4=00000000001426f0 [ 352.245578] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 352.248754] EntryControls=0000d1ff ExitControls=002fefff [ 352.253418] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 14:45:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfdfdffff00000000}}}) [ 352.265280] *** Control State *** [ 352.269551] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 352.286123] EntryControls=0000d1ff ExitControls=002fefff [ 352.300492] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 352.310180] *** Control State *** [ 352.317238] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 352.318631] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 352.332719] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 352.339925] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 352.347361] EntryControls=0000d1ff ExitControls=002fefff [ 352.353158] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 352.356830] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 352.361373] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 352.376957] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 352.381351] reason=80000021 qualification=0000000000000000 [ 352.388552] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 352.397368] reason=80000021 qualification=0000000000000000 [ 352.406250] reason=80000021 qualification=0000000000000000 [ 352.415808] IDTVectoring: info=00000000 errcode=00000000 [ 352.422565] IDTVectoring: info=00000000 errcode=00000000 [ 352.429211] TSC Offset = 0xffffff41267ac891 [ 352.433937] TSC Offset = 0xffffff4125177c8f [ 352.439000] EPT pointer = 0x0000000089d0d01e [ 352.441572] IDTVectoring: info=00000000 errcode=00000000 [ 352.454371] EPT pointer = 0x000000009053c01e [ 352.467677] TSC Offset = 0xffffff4127d35c41 14:45:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfdfdffffffffffff}}}) 14:45:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000000c0)={0x2000ec3, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xda, 0x60040) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000200)={r5, 0x2}, 0x8) ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x4, 0x20000) ioctl$UI_SET_KEYBIT(r6, 0x40045565, 0x2c4) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:30 executing program 5: r0 = gettid() r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x800, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x3, 0x0) tkill(r3, 0x1000000000016) getpgrp(r0) tkill(r0, 0x16) 14:45:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 352.499354] EPT pointer = 0x000000009285901e [ 352.621174] *** Guest State *** 14:45:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x60000000) 14:45:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) dup2(r3, r3) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) rt_sigtimedwait(&(0x7f00000000c0)={0xffda}, &(0x7f0000000100), &(0x7f0000000180), 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = syz_open_dev$swradio(&(0x7f00000001c0)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$bt_l2cap_L2CAP_LM(r4, 0x6, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r4, &(0x7f0000000400)="ab82136a9f8225fb7aa76f42e4a27326337a2b183e69a53f0c4c5e3dba4a6dfe6876981f2788c0b39db7f3f27fd0a26f9f87d9e7f3cfb5a857c566e8ab8b398a1092b947506bf161a1ff65ded0472e15370725200d19b499e08013909a3bc9bd25293ded9a8976ac0826603e430ab5625225d3eff9f8823c352e406ae78245524c930ca0451cd3889c095529a25be5a1c1c8baa4f4776c63ebf7bba487a2b1bbf4009c21f7d684d6f99f3af4d556d598649a76fc9c147622dd9cd1309dd0", &(0x7f0000000280)=""/9}, 0x18) ioctl(r1, 0x8, &(0x7f0000000500)="b2eb8c5128c0b94cf068a3854aa8e1ceca157503a38f448b39a283e155e92f18b68c8cf75913fee57587c6dbc8b075133d60b9720178f24c7fd383f7452261921f37e3c7b16303b18cf5e38556436c69fdf3bed20d1de7b5268e6894ad668d0e9458dda5a6852d01c0972c8648a239590d4a6b3decfdf48fb72f0ea53ebfd91753f3a9c018269a09e73fc036ad99ca9685dc5a710803678d7f1a1178d93fa42180d9e17ea4ae65fe4726df82d3cd50b1920c083ff528dbf6af91b582ef5f3b027accde4e013ef94ae8f1dbec98c0c7a6acf56568d265387af7b90f82af9b6cd8e74f0b27b1") 14:45:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfecaedfe00000000}}}) 14:45:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000000c0)={0x2000ec3, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xda, 0x60040) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000200)={r5, 0x2}, 0x8) ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x4, 0x20000) ioctl$UI_SET_KEYBIT(r6, 0x40045565, 0x2c4) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 352.644926] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 352.693773] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 352.730077] CR3 = 0x0000000000000000 [ 352.735489] *** Guest State *** [ 352.738990] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 352.753292] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 352.774708] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 352.783368] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xfffffffffffffdfd}}}) 14:45:31 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x800000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 352.799191] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 352.817702] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.827011] CR3 = 0x0000000000000000 [ 352.837579] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 352.864376] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.873251] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 352.898385] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x60000000) 14:45:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0xffffffffffffffe7}}}) [ 352.915760] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 352.925125] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.926805] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.936404] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.946312] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 352.983396] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 352.997610] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.016911] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x2}}}) 14:45:31 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x800000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 353.035496] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.063073] GDTR: limit=0x00000000, base=0x0000000000000000 [ 353.084575] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.113836] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.125988] GDTR: limit=0x00000000, base=0x0000000000000000 [ 353.133859] IDTR: limit=0x00000000, base=0x0000000000000000 [ 353.143592] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.154049] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 353.161390] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 353.165681] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.169231] Interruptibility = 00000000 ActivityState = 00000000 [ 353.193475] *** Host State *** [ 353.196981] RIP = 0xffffffff811c8cac RSP = 0xffff88805df1f8c0 [ 353.204072] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 353.205508] IDTR: limit=0x00000000, base=0x0000000000000000 [ 353.211085] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 353.229849] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.236510] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 353.239374] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 353.245998] CR0=0000000080050033 CR3=0000000098b6a000 CR4=00000000001426e0 [ 353.259634] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 353.272185] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 353.276442] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 353.279019] *** Control State *** [ 353.290683] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 353.299169] EntryControls=0000d1ff ExitControls=002fefff [ 353.302667] Interruptibility = 00000000 ActivityState = 00000000 [ 353.305823] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 353.319826] *** Host State *** [ 353.325076] RIP = 0xffffffff811c8cac RSP = 0xffff88805937f8c0 [ 353.332387] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 353.339609] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 353.347414] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 353.349010] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 353.361286] CR0=0000000080050033 CR3=000000008f30c000 CR4=00000000001426e0 [ 353.369321] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 353.378185] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 353.389536] *** Control State *** [ 353.392353] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 353.398026] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 353.408396] reason=80000021 qualification=0000000000000000 [ 353.413606] EntryControls=0000d1ff ExitControls=002fefff [ 353.421129] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 353.426875] IDTVectoring: info=00000000 errcode=00000000 [ 353.428440] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 14:45:31 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x3}, 0x8) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 353.442353] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 353.449195] reason=80000021 qualification=0000000000000000 [ 353.454320] TSC Offset = 0xffffff4082d4761b [ 353.456220] IDTVectoring: info=00000000 errcode=00000000 [ 353.466832] EPT pointer = 0x000000009ed1001e [ 353.476437] TSC Offset = 0xffffff4078ee11de [ 353.494240] EPT pointer = 0x00000000a14d601e 14:45:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x5}}}) 14:45:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={0x0, 0x1}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r4, 0x84, 0x23, &(0x7f0000000180)={r5, 0x1}, 0x8) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x3f00) 14:45:32 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x800000000000000, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xe7}}}) [ 353.626858] *** Guest State *** [ 353.652450] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 353.684195] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:32 executing program 0 (fault-call:10 fault-nth:0): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:32 executing program 2 (fault-call:8 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x500}}}) [ 353.734403] CR3 = 0x0000000000000000 [ 353.748259] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 14:45:32 executing program 1: openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/checkreqprot\x00', 0x8000, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x20000, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 353.799088] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 353.857764] FAULT_INJECTION: forcing a failure. [ 353.857764] name failslab, interval 1, probability 0, space 0, times 0 [ 353.877072] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 353.891127] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 353.916763] CPU: 1 PID: 19312 Comm: syz-executor.2 Not tainted 4.19.34 #2 [ 353.924809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.924823] Call Trace: [ 353.924849] dump_stack+0x172/0x1f0 [ 353.924883] should_fail.cold+0xa/0x1b [ 353.949129] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 353.971212] ? lock_downgrade+0x810/0x810 [ 353.971228] ? ___might_sleep+0x163/0x280 [ 353.971248] __should_failslab+0x121/0x190 [ 353.971264] should_failslab+0x9/0x14 [ 353.971275] kmem_cache_alloc_trace+0x2cf/0x760 [ 353.971297] ? __lock_acquire+0x6eb/0x48f0 [ 353.971381] kvm_vcpu_ioctl+0x38a/0xfa0 [ 353.971396] ? kvm_vcpu_block+0xcd0/0xcd0 [ 353.987685] ? mark_held_locks+0x100/0x100 [ 353.987703] ? proc_fail_nth_write+0x9d/0x1e0 [ 353.987716] ? proc_cwd_link+0x1d0/0x1d0 [ 353.987730] ? __f_unlock_pos+0x19/0x20 [ 353.987749] ? find_held_lock+0x35/0x130 [ 354.014391] ? __fget+0x340/0x540 [ 354.014411] ? find_held_lock+0x35/0x130 [ 354.014426] ? __fget+0x340/0x540 [ 354.014441] ? kvm_vcpu_block+0xcd0/0xcd0 [ 354.014458] do_vfs_ioctl+0xd6e/0x1390 [ 354.014476] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.014491] ? selinux_file_ioctl+0x125/0x5e0 [ 354.014507] ? ioctl_preallocate+0x210/0x210 [ 354.014518] ? selinux_file_mprotect+0x620/0x620 [ 354.014538] ? iterate_fd+0x360/0x360 [ 354.101676] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 354.107306] ? fput+0x128/0x1a0 [ 354.110854] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.116737] ? security_file_ioctl+0x93/0xc0 [ 354.121150] ksys_ioctl+0xab/0xd0 [ 354.124607] __x64_sys_ioctl+0x73/0xb0 [ 354.128489] do_syscall_64+0x103/0x610 [ 354.132393] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.137921] RIP: 0033:0x458c29 [ 354.141304] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.160562] RSP: 002b:00007fd6aa90fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:45:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x2000}}}) [ 354.168438] RAX: ffffffffffffffda RBX: 00007fd6aa90fc90 RCX: 0000000000458c29 [ 354.175900] RDX: 0000000000000000 RSI: 000000008090ae81 RDI: 0000000000000005 [ 354.183251] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 354.190698] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6aa9106d4 [ 354.198061] R13: 00000000004c1baf R14: 00000000004d43d0 R15: 0000000000000007 [ 354.254455] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 354.290042] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 354.317216] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 354.332972] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 354.344679] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 354.357071] GDTR: limit=0x00000000, base=0x0000000000000000 [ 354.370526] FAULT_INJECTION: forcing a failure. [ 354.370526] name failslab, interval 1, probability 0, space 0, times 0 [ 354.373689] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 354.396295] CPU: 0 PID: 19317 Comm: syz-executor.0 Not tainted 4.19.34 #2 [ 354.403649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.413596] Call Trace: [ 354.416299] dump_stack+0x172/0x1f0 [ 354.420444] should_fail.cold+0xa/0x1b [ 354.424322] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 354.429642] ? lock_downgrade+0x810/0x810 [ 354.434498] ? ___might_sleep+0x163/0x280 [ 354.438731] __should_failslab+0x121/0x190 [ 354.443134] should_failslab+0x9/0x14 [ 354.447708] kmem_cache_alloc+0x2b1/0x700 [ 354.451866] ? trace_hardirqs_on+0x67/0x230 [ 354.456280] ? lock_sock_nested+0x9a/0x120 [ 354.460618] fasync_helper+0x40/0xb2 [ 354.465068] sock_fasync+0xc1/0x160 [ 354.468692] ? copy_overflow+0x30/0x30 [ 354.472599] do_fcntl+0xafe/0x1040 [ 354.476149] ? f_getown+0xc0/0xc0 [ 354.479595] ? selinux_file_fcntl+0x7a/0x150 [ 354.484086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.489714] ? security_file_fcntl+0x93/0xc0 [ 354.494215] __x64_sys_fcntl+0x16d/0x1e0 [ 354.498888] do_syscall_64+0x103/0x610 [ 354.506683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.513512] RIP: 0033:0x458c29 [ 354.516966] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.541088] RSP: 002b:00007f00af9fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 354.549923] RAX: ffffffffffffffda RBX: 00007f00af9fec90 RCX: 0000000000458c29 [ 354.557444] RDX: 0000000000042803 RSI: 0000000000000004 RDI: 0000000000000003 14:45:33 executing program 5: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x0, 0x0) getsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r1, 0x16) [ 354.565320] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 354.573031] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00af9ff6d4 [ 354.580907] R13: 00000000004bf3a4 R14: 00000000004d0740 R15: 0000000000000004 [ 354.620169] IDTR: limit=0x00000000, base=0x0000000000000000 [ 354.636781] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 354.646745] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 354.658778] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 354.667483] Interruptibility = 00000000 ActivityState = 00000000 [ 354.675873] *** Host State *** [ 354.679203] RIP = 0xffffffff811c8cac RSP = 0xffff88804c2078c0 [ 354.685691] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 354.692527] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 354.700634] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 354.706537] CR0=0000000080050033 CR3=0000000089d81000 CR4=00000000001426f0 [ 354.713923] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 354.720707] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 354.726772] *** Control State *** [ 354.730708] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 354.737563] EntryControls=0000d1ff ExitControls=002fefff [ 354.743403] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 354.750598] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 354.757817] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 354.764627] reason=80000021 qualification=0000000000000000 14:45:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:33 executing program 1: pipe(&(0x7f0000000180)={0xffffffffffffffff}) ioctl$KVM_RUN(r0, 0xae80, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = dup(r1) ioctl$SIOCRSACCEPT(r3, 0x89e3) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x800c0, 0x0) getsockopt$netrom_NETROM_T4(r6, 0x103, 0x6, &(0x7f0000000100)=0xffffffffffffffc1, &(0x7f0000000140)=0x4) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:45:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xe7ff}}}) 14:45:33 executing program 2 (fault-call:8 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 354.771129] IDTVectoring: info=00000000 errcode=00000000 [ 354.776667] TSC Offset = 0xffffff3ffc9a1932 [ 354.781199] EPT pointer = 0x000000008e55101e 14:45:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfdfd}}}) 14:45:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 354.941874] *** Guest State *** [ 354.958936] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 354.980616] *** Guest State *** [ 354.988870] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 354.991095] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 355.001363] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 355.013642] CR3 = 0x0000000000000000 [ 355.021842] CR3 = 0x0000000000000000 [ 355.025774] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 355.032583] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 355.032759] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 355.040444] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 355.053282] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.059918] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 355.062070] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.077425] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 355.077954] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 355.086337] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.101421] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.102776] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.109755] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.123378] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.126054] GDTR: limit=0x00000000, base=0x0000000000000000 [ 355.140293] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 355.142179] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.155989] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.158741] IDTR: limit=0x00000000, base=0x0000000000000000 [ 355.167243] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.175366] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.188628] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.191619] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 355.199845] GDTR: limit=0x00000000, base=0x0000000000000000 [ 355.206092] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 355.221802] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.221816] IDTR: limit=0x00000000, base=0x0000000000000000 [ 355.230013] Interruptibility = 00000000 ActivityState = 00000000 [ 355.250685] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 355.251083] *** Host State *** [ 355.266442] RIP = 0xffffffff811c8cac RSP = 0xffff88805a1b78c0 [ 355.268825] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 355.272860] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 355.282889] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 355.288218] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 355.301415] Interruptibility = 00000000 ActivityState = 00000000 [ 355.305998] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 355.337558] *** Host State *** [ 355.338741] CR0=0000000080050033 CR3=000000008ede7000 CR4=00000000001426f0 [ 355.342221] RIP = 0xffffffff811c8cac RSP = 0xffff88804b89f8c0 [ 355.349295] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 355.367380] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 355.369766] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 355.376914] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 355.383617] *** Control State *** [ 355.396103] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 355.398484] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 355.404656] EntryControls=0000d1ff ExitControls=002fefff [ 355.421308] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 355.428300] CR0=0000000080050033 CR3=0000000083608000 CR4=00000000001426e0 [ 355.429568] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 355.437794] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 355.444056] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 355.456416] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 355.458685] reason=80000021 qualification=0000000000000000 [ 355.467964] *** Control State *** [ 355.473271] IDTVectoring: info=00000000 errcode=00000000 [ 355.481080] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 355.488394] EntryControls=0000d1ff ExitControls=002fefff [ 355.491612] TSC Offset = 0xffffff3f4064440f [ 355.498787] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 355.499881] EPT pointer = 0x000000008fc5601e [ 355.507245] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 355.530064] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 355.540134] reason=80000021 qualification=0000000000000000 [ 355.547170] IDTVectoring: info=00000000 errcode=00000000 [ 355.557017] TSC Offset = 0xffffff3f461f48fe [ 355.562340] EPT pointer = 0x0000000087fb001e 14:45:35 executing program 0 (fault-call:10 fault-nth:1): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 14:45:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xffe7}}}) 14:45:35 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tgkill(r2, r2, 0x1d) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x129cc0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x5, 0x8, 0x1, 0x5, 0x3, 0x6, 0x6, 0x2, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000100)={0xb0, 0x66, 0x80000000000008, 0x6, 0x2, 0x1f, 0x200, 0xe262, r4}, 0x1a1) tkill(r2, 0x1000000000016) tkill(r0, 0x16) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000140), &(0x7f00000001c0)=0x68) 14:45:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x1000000}}}) [ 356.886465] *** Guest State *** [ 356.897082] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 356.908084] *** Guest State *** [ 356.925183] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:35 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x14, 0x200000001}, &(0x7f0000000080)) get_thread_area(&(0x7f0000000040)={0x1000, 0x20000800, 0x4000, 0x2, 0x95e, 0xfffffffffffffff8, 0x5, 0x2, 0xf9e2, 0xfffffffffffffffd}) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = accept(0xffffffffffffff9c, &(0x7f0000000100)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x80) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@local}}, &(0x7f00000002c0)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'ifb0\x00', r2}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r4 = gettid() tkill(r4, 0x1000000000016) tkill(r0, 0xc) [ 356.935999] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x2, 0x0) [ 356.979848] CR3 = 0x0000000000000000 [ 356.989183] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 357.009865] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 357.029036] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 357.058182] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 357.064662] CR3 = 0x0000000000000000 14:45:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x2000000}}}) 14:45:35 executing program 5: r0 = gettid() ptrace$cont(0xffffffffffffffff, r0, 0x78d, 0x1) r1 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x2, 0x2) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000140)={{0x2, 0x3, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x1, 0xb6, r0, 0x6, 0x1, 'syz0\x00', &(0x7f0000000100)=['{.\x00', '\x00', '\x00', 'user\x00', '$nodevvmnet1/#losecurityselfppp1]\x00', '@\x00'], 0x2e, [], [0x81, 0x80000001, 0x8e7, 0x1f]}) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x2d8, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) syz_open_procfs$namespace(r3, &(0x7f0000000280)='ns/ipc\x00') r4 = dup2(r2, r2) ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x1) tkill(r0, 0x16) sendto$llc(r4, &(0x7f0000000040)="4896d8cd1c43b2b2597ec4", 0xb, 0x90, &(0x7f0000000080)={0x1a, 0x31f, 0x0, 0x3f, 0x5, 0x8, @broadcast}, 0x10) [ 357.083809] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.106265] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 357.107958] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.122983] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x5000000}}}) [ 357.164172] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 357.172848] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 357.197663] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.204009] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.238377] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.256322] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.256377] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.295789] GDTR: limit=0x00000000, base=0x0000000000000000 [ 357.303097] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 357.331693] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.354008] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.366993] IDTR: limit=0x00000000, base=0x0000000000000000 [ 357.402459] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.415512] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.424085] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 357.431002] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 357.439435] Interruptibility = 00000000 ActivityState = 00000000 [ 357.439581] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.448617] *** Host State *** [ 357.457731] RIP = 0xffffffff811c8cac RSP = 0xffff88805967f8c0 [ 357.459381] FAULT_INJECTION: forcing a failure. [ 357.459381] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 357.464871] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 357.476049] CPU: 1 PID: 19380 Comm: syz-executor.0 Not tainted 4.19.34 #2 [ 357.476056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.476060] Call Trace: [ 357.476085] dump_stack+0x172/0x1f0 [ 357.476103] should_fail.cold+0xa/0x1b [ 357.476118] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 357.476136] ? mark_held_locks+0x100/0x100 [ 357.476161] __alloc_pages_nodemask+0x1ee/0x760 [ 357.476177] ? __alloc_pages_slowpath+0x2870/0x2870 [ 357.483668] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 357.490426] cache_grow_begin+0x9c/0x8c0 [ 357.490445] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 357.490460] ? check_preemption_disabled+0x48/0x290 [ 357.490476] kmem_cache_alloc+0x63e/0x700 [ 357.490489] ? trace_hardirqs_on+0x67/0x230 [ 357.490508] ? lock_sock_nested+0x9a/0x120 [ 357.500725] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 357.503194] fasync_helper+0x40/0xb2 [ 357.503214] sock_fasync+0xc1/0x160 [ 357.503230] ? copy_overflow+0x30/0x30 [ 357.507059] CR0=0000000080050033 CR3=00000000a4f2c000 CR4=00000000001426f0 [ 357.511207] do_fcntl+0xafe/0x1040 [ 357.511224] ? f_getown+0xc0/0xc0 [ 357.511243] ? selinux_file_fcntl+0x7a/0x150 [ 357.511260] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.511275] ? security_file_fcntl+0x93/0xc0 [ 357.511289] __x64_sys_fcntl+0x16d/0x1e0 [ 357.511312] do_syscall_64+0x103/0x610 [ 357.516630] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 357.521095] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.521108] RIP: 0033:0x458c29 [ 357.521122] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.521128] RSP: 002b:00007f00af9fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 357.521150] RAX: ffffffffffffffda RBX: 00007f00af9fec90 RCX: 0000000000458c29 [ 357.521157] RDX: 0000000000042803 RSI: 0000000000000004 RDI: 0000000000000003 [ 357.521164] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 357.521172] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00af9ff6d4 14:45:36 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x20000000}}}) 14:45:36 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x2) tkill(r0, 0x16) 14:45:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4b47, 0x0) [ 357.521179] R13: 00000000004bf3a4 R14: 00000000004d0740 R15: 0000000000000004 [ 357.528975] GDTR: limit=0x00000000, base=0x0000000000000000 [ 357.531352] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 357.540586] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.544658] *** Control State *** [ 357.555673] IDTR: limit=0x00000000, base=0x0000000000000000 [ 357.560646] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 357.565207] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 357.569246] EntryControls=0000d1ff ExitControls=002fefff [ 357.581435] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 357.583927] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 357.588991] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 357.599023] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 357.599035] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 357.607932] Interruptibility = 00000000 ActivityState = 00000000 [ 357.611171] reason=80000021 qualification=0000000000000000 [ 357.616925] *** Host State *** [ 357.621217] IDTVectoring: info=00000000 errcode=00000000 [ 357.632154] RIP = 0xffffffff811c8cac RSP = 0xffff8880593478c0 [ 357.639518] TSC Offset = 0xffffff3e3a8a5a45 [ 357.646634] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 357.680379] EPT pointer = 0x000000008ec6601e [ 357.693994] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 357.719477] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 357.863701] CR0=0000000080050033 CR3=00000000a19a5000 CR4=00000000001426e0 [ 357.892787] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 357.906300] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 357.945790] *** Guest State *** [ 357.961201] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 357.983339] *** Control State *** [ 357.989210] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 358.000470] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 358.022189] EntryControls=0000d1ff ExitControls=002fefff [ 358.028390] CR3 = 0x0000000000000000 [ 358.031258] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 358.033386] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 358.049591] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 358.053096] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 358.062800] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 358.069208] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 358.077225] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.083445] reason=80000021 qualification=0000000000000000 [ 358.098625] IDTVectoring: info=00000000 errcode=00000000 [ 358.115936] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.124952] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 358.129860] TSC Offset = 0xffffff3e39450a8b [ 358.145636] EPT pointer = 0x000000009394a01e [ 358.150889] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.163946] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.176959] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.186991] GDTR: limit=0x00000000, base=0x0000000000000000 [ 358.197067] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.207259] IDTR: limit=0x00000000, base=0x0000000000000000 [ 358.216332] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.224834] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 358.231989] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 358.239943] Interruptibility = 00000000 ActivityState = 00000000 [ 358.246363] *** Host State *** [ 358.249733] RIP = 0xffffffff811c8cac RSP = 0xffff88805c2978c0 [ 358.255731] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 358.262448] FSBase=00007f43d5aa6700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 358.270451] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 358.276354] CR0=0000000080050033 CR3=00000000a19a5000 CR4=00000000001426f0 [ 358.283440] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 358.290260] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 358.296786] *** Control State *** [ 358.300478] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 358.307966] EntryControls=0000d1ff ExitControls=002fefff [ 358.313667] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 358.320841] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 14:45:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x2282, 0x0) r4 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x1, 0x200101) write$P9_RUNLINKAT(r4, &(0x7f0000000140)={0x7, 0x4d, 0x2}, 0x7) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xe7ffffff}}}) 14:45:36 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0) 14:45:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4b49, 0x0) [ 358.327516] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 358.334594] reason=80000021 qualification=0000000000000000 [ 358.342285] IDTVectoring: info=00000000 errcode=00000000 [ 358.347759] TSC Offset = 0xffffff3dacccda01 [ 358.352167] EPT pointer = 0x00000000a10fd01e 14:45:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfdfdffff}}}) [ 358.458443] *** Guest State *** [ 358.471741] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 358.483800] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 358.495461] CR3 = 0x0000000000000000 [ 358.501051] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 358.513804] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 358.520564] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 358.528047] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.539565] *** Guest State *** [ 358.549535] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 358.562923] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.574712] SS: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 358.578327] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 358.585882] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.603949] CR3 = 0x0000000000000000 [ 358.606855] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.613835] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 358.628295] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 358.638936] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 358.642774] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfecaedfe}}}) 14:45:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x541b, 0x0) [ 358.652557] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.677910] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.682051] GDTR: limit=0x00000000, base=0x0000000000000000 [ 358.694962] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 358.710053] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.725937] IDTR: limit=0x00000000, base=0x0000000000000000 [ 358.735873] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.759249] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.770424] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.779006] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.787881] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 358.800009] GDTR: limit=0x00000000, base=0x0000000000000000 [ 358.810966] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 358.818795] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.829975] Interruptibility = 00000000 ActivityState = 00000000 [ 358.837129] IDTR: limit=0x00000000, base=0x0000000000000000 [ 358.846700] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 358.855546] *** Host State *** [ 358.859018] RIP = 0xffffffff811c8cac RSP = 0xffff88805af478c0 [ 358.865975] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 358.873136] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 358.880380] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 358.880773] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 358.888502] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 358.902112] Interruptibility = 00000000 ActivityState = 00000000 [ 358.903687] CR0=0000000080050033 CR3=00000000a19a5000 CR4=00000000001426e0 [ 358.909636] *** Host State *** [ 358.917173] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 358.925520] RIP = 0xffffffff811c8cac RSP = 0xffff88809f0f78c0 [ 358.927458] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 358.933884] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 358.940067] *** Control State *** [ 358.950771] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 358.952244] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 358.957863] EntryControls=0000d1ff ExitControls=002fefff [ 358.966482] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 358.972789] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 358.983757] CR0=0000000080050033 CR3=0000000091a33000 CR4=00000000001426f0 [ 358.985837] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 358.999638] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 359.000353] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 359.007516] reason=80000021 qualification=0000000000000000 [ 359.014293] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 359.020822] IDTVectoring: info=00000000 errcode=00000000 [ 359.031766] *** Control State *** [ 359.032582] TSC Offset = 0xffffff3d63456596 [ 359.035825] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 359.040433] EPT pointer = 0x00000000884cd01e [ 359.052362] EntryControls=0000d1ff ExitControls=002fefff [ 359.058296] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 359.067563] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 359.075041] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 359.082293] reason=80000021 qualification=0000000000000000 [ 359.091854] IDTVectoring: info=00000000 errcode=00000000 [ 359.098935] TSC Offset = 0xffffff3d59a13598 [ 359.103918] EPT pointer = 0x0000000093f6701e 14:45:39 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x5, 0x42803) 14:45:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x5421, 0x0) 14:45:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:39 executing program 5: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(r1, 0x16) prctl$PR_GET_CHILD_SUBREAPER(0x25) 14:45:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0xfffffeb8, 0x0, 0x0, 0xfffffffffffffef2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfeedcafe}}}) 14:45:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfffffdfd}}}) 14:45:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 360.874558] *** Guest State *** [ 360.895660] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 360.936848] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 360.954023] CR3 = 0x0000000000000000 [ 360.959086] RSP = 0x0000000000001fc4 RIP = 0x0000000000003e05 [ 360.968342] RFLAGS=0x00010006 DR7 = 0x0000000000000400 14:45:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xffffffe7}}}) 14:45:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x5450, 0x0) [ 360.990649] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 361.026052] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 361.060146] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 361.085638] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 14:45:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x100000000000000}}}) [ 361.129883] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 361.164945] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 361.208022] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 361.244252] GDTR: limit=0x00000000, base=0x0000000000000000 14:45:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x200000000000000}}}) [ 361.253684] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 361.275365] IDTR: limit=0x00000000, base=0x0000000000000000 [ 361.288937] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 361.310207] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 361.342450] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 361.374880] Interruptibility = 00000000 ActivityState = 00000000 [ 361.394373] *** Host State *** [ 361.397829] RIP = 0xffffffff811c8cac RSP = 0xffff88804bcef8c0 [ 361.414792] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 361.428931] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 361.437672] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 361.443963] CR0=0000000080050033 CR3=0000000093266000 CR4=00000000001426f0 [ 361.452069] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 361.459437] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 361.466391] *** Control State *** [ 361.471797] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 361.479090] EntryControls=0000d1ff ExitControls=002fefff [ 361.485207] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 361.493341] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 361.501447] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 361.508838] reason=80000021 qualification=0000000000000000 [ 361.515494] IDTVectoring: info=00000000 errcode=00000000 [ 361.521155] TSC Offset = 0xffffff3c1e90794f [ 361.525512] EPT pointer = 0x000000009fcd801e 14:45:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x6, 0x42803) 14:45:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x5451, 0x0) 14:45:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x500000000000000}}}) 14:45:42 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x400040, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MON_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f0000000400)={0x3c4, r1, 0x6, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x38, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x20}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5c71}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_SOCK={0x20, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffff8}]}, @TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffffffffffc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7d6}]}, @TIPC_NLA_LINK={0x11c, 0x4, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1d04}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xcc1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xff}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffdde}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_MEDIA={0xf0, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x197}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffffffffba50}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffffffffffa3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}]}]}, @TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xb1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}]}, @TIPC_NLA_LINK={0x28, 0x4, [@TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x49d3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xb97}]}]}, @TIPC_NLA_MEDIA={0xac, 0x5, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6b40}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x32f7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffff7}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10000}]}]}]}, 0x3c4}, 0x1, 0x0, 0x0, 0x48000}, 0x4040850) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)={0xdd0, 0x7, 0x4, 0x4040000, {0x77359400}, {0x5, 0x2, 0x8, 0x8001, 0x1, 0x513f, "21dfaad8"}, 0x400, 0x4, @offset=0x4, 0x4}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130022000000000000000010000105000600200000000a00000000000000000500e50000070000001f0000000000000300000000000002000100f5000000000000020000000005000500000000000a00000000f48d000000000000000000001700"/128], 0x80}}, 0x0) sendmmsg(r6, &(0x7f0000000180), 0x400000000000002, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe01}, {}, {0x0, 0x8000000000}, {0x0, 0x0, 0x0, 0x4, 0x80000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:45:42 executing program 5: r0 = gettid() socket$inet_udplite(0x2, 0x2, 0x88) timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000200)="0a00004987dc0d07d070d81f15eec581b0145d1e4b92009599f5947bd8c2b97625b24e56ede47247013cd324ad487fb95ad09b21e968fee0ef6ec63f54f2885640960ef14fbd0bb0e41dd6d83f33a6dbe12a3c1b0ffb41b558e0cdf36cd00b56f16b81cfbb15405ddd00af83f577b58d1f08f3968c030000002e6420990fae20a588ac9c5dae0eb68f9bcad61a42f58daf87b294e2ffd0599f") ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000080)) ptrace$setregs(0xd, r0, 0x1, &(0x7f00000000c0)="2c852170add932649b25f45aef8fcf89adf92bf4bc0645658f0f7b9ce043b8b70eebd58ad640323ee20c41ee0256ba3a2abe707d126ea5247264153936c8dfd087efb05ed931") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() r3 = pkey_alloc(0x0, 0x2) pkey_free(r3) fcntl$getownex(r1, 0x10, &(0x7f0000000180)) tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x2000000000000000}}}) [ 363.884434] *** Guest State *** [ 363.892508] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 363.905535] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 363.922368] CR3 = 0x0000000000000000 14:45:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 363.955929] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 363.971593] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 363.992224] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xe7ffffffffffffff}}}) [ 364.019203] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.050917] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.086333] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.109942] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.128405] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x5452, 0x0) 14:45:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 364.147198] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.168670] GDTR: limit=0x00000000, base=0x0000000000000000 [ 364.179959] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.188172] IDTR: limit=0x00000000, base=0x0000000000000000 14:45:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfdfdffff00000000}}}) [ 364.224722] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.279454] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 364.319156] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 364.346371] Interruptibility = 00000000 ActivityState = 00000000 [ 364.363834] *** Host State *** [ 364.367687] RIP = 0xffffffff811c8cac RSP = 0xffff88805dd7f8c0 [ 364.380150] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 364.386989] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 364.396621] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 364.403267] CR0=0000000080050033 CR3=000000009fd8a000 CR4=00000000001426e0 [ 364.411604] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 364.420698] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 364.427325] *** Control State *** [ 364.431330] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 364.438187] EntryControls=0000d1ff ExitControls=002fefff [ 364.444291] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 364.452474] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 364.461272] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 364.468319] reason=80000021 qualification=0000000000000000 [ 364.478736] IDTVectoring: info=00000000 errcode=00000000 [ 364.491744] TSC Offset = 0xffffff3a7aae2547 [ 364.496433] EPT pointer = 0x00000000a581d01e 14:45:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x202080, 0x3) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000100)={0x0}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000180)={r4, 0x7}, 0x8) 14:45:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfdfdffffffffffff}}}) 14:45:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x5460, 0x0) 14:45:45 executing program 1: r0 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xfffffffffffffff8, 0x4000) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000180)={0x1, 0x5, 0xfff, 0x0, 0x0, 0x7, 0x2a9, 0x5, 0x9, 0x6, 0x8001, 0x9, 0x0, 0xcb7c, 0x783, 0x81, 0xd7, 0x2, 0x1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x20841, 0xc) ioctl$PPPIOCCONNECT(r5, 0x4004743a, &(0x7f0000000100)=0x3) 14:45:45 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000000040)={'teql0\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x14}}}) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:45:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfecaedfe00000000}}}) [ 366.951325] *** Guest State *** [ 366.956641] *** Guest State *** [ 366.967639] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 366.977028] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 366.998811] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 367.009203] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 367.020080] CR3 = 0x0000000000000000 [ 367.035849] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 367.037686] CR3 = 0x0000000000000000 14:45:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xfffffffffffffdfd}}}) [ 367.066796] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 367.084489] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 367.100910] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 367.111341] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 367.120814] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.143131] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0xffffffffffffffe7}}}) [ 367.166506] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.182320] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.187939] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 367.221962] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.253794] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.259859] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 367.279491] GDTR: limit=0x00000000, base=0x0000000000000000 [ 367.301335] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x2}}}) [ 367.337375] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.338696] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 367.371396] IDTR: limit=0x00000000, base=0x0000000000000000 [ 367.399937] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.420481] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.449215] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 367.457470] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.481971] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:45:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000001200)=0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000011c0)={0x0, 0x1, &(0x7f00000000c0)=""/2, &(0x7f0000000100)=""/139, &(0x7f00000001c0)=""/4096, 0x6004}) [ 367.500041] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.504785] Interruptibility = 00000000 ActivityState = 00000000 [ 367.518021] GDTR: limit=0x00000000, base=0x0000000000000000 [ 367.524734] *** Host State *** [ 367.533223] RIP = 0xffffffff811c8cac RSP = 0xffff88805abcf8c0 [ 367.540947] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x5}}}) [ 367.548683] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 367.566251] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.579939] IDTR: limit=0x00000000, base=0x0000000000000000 [ 367.593311] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 14:45:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x40049409, 0x0) [ 367.607238] CR0=0000000080050033 CR3=0000000089795000 CR4=00000000001426f0 [ 367.616876] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 367.617017] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 367.636024] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 367.669375] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 367.681363] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 367.700098] *** Control State *** [ 367.708794] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 367.727523] Interruptibility = 00000000 ActivityState = 00000000 [ 367.774371] *** Host State *** [ 367.789192] EntryControls=0000d1ff ExitControls=002fefff [ 367.826249] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 367.836208] RIP = 0xffffffff811c8cac RSP = 0xffff888060d8f8c0 [ 367.851503] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 367.856357] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 367.873105] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 367.881093] reason=80000021 qualification=0000000000000000 [ 367.885870] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 367.889320] IDTVectoring: info=00000000 errcode=00000000 [ 367.903300] TSC Offset = 0xffffff38d69af091 [ 367.908137] EPT pointer = 0x000000009b4e901e [ 367.919295] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 14:45:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xe7}}}) [ 367.944095] CR0=0000000080050033 CR3=000000009a09d000 CR4=00000000001426f0 [ 367.993853] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 368.019898] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 368.039137] *** Control State *** [ 368.047212] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 368.069052] EntryControls=0000d1ff ExitControls=002fefff [ 368.077893] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 368.079539] *** Guest State *** [ 368.090746] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 368.097525] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 368.100793] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 368.110663] reason=80000021 qualification=0000000000000000 [ 368.119643] IDTVectoring: info=00000000 errcode=00000000 [ 368.125671] TSC Offset = 0xffffff38d6f159d0 [ 368.130774] EPT pointer = 0x00000000930fa01e [ 368.134148] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:46 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x1, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x0, 0x200040) getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000100)=""/123, &(0x7f00000001c0)=0x7b) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000080)) poll(0x0, 0x0, 0x77919ce2) r4 = gettid() tkill(r4, 0x1000000000016) tkill(r0, 0x16) 14:45:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) 14:45:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x3, 0x2) write$input_event(r3, &(0x7f0000000100)={{0x77359400}, 0x3, 0xdd, 0xffffffffffffff69}, 0x18) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}, {0x0, 0x0, 0x3}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x500}}}) [ 368.147686] CR3 = 0x0000000000000000 [ 368.154581] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 368.163542] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 368.193440] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 368.219004] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x2000}}}) [ 368.239900] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.260906] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.274357] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.284998] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.301900] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.315413] GDTR: limit=0x00000000, base=0x0000000000000000 [ 368.335105] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.346622] IDTR: limit=0x00000000, base=0x0000000000000000 [ 368.356848] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.366891] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 368.375633] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 368.384525] Interruptibility = 00000000 ActivityState = 00000000 [ 368.392411] *** Host State *** [ 368.396304] RIP = 0xffffffff811c8cac RSP = 0xffff8880568df8c0 14:45:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xe7ff}}}) [ 368.405219] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 368.417013] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 368.428429] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 368.435889] CR0=0000000080050033 CR3=000000008b51a000 CR4=00000000001426f0 [ 368.444184] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 14:45:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 368.452841] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 368.461458] *** Control State *** [ 368.465537] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 368.476982] EntryControls=0000d1ff ExitControls=002fefff [ 368.490230] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 368.556937] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 368.566215] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 368.591459] reason=80000021 qualification=0000000000000000 [ 368.610099] IDTVectoring: info=00000000 errcode=00000000 [ 368.618860] TSC Offset = 0xffffff383bc662b0 [ 368.634694] EPT pointer = 0x000000009f73101e [ 368.641666] *** Guest State *** [ 368.645183] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 368.656101] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 368.665411] CR3 = 0x0000000000000000 [ 368.669456] RSP = 0x0000000000000f80 RIP = 0x0000000000000007 [ 368.675946] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 368.683151] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 368.691351] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.699885] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.710076] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 368.718344] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.726619] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.734922] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.743284] GDTR: limit=0x00000000, base=0x0000000000000000 [ 368.751965] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.760644] IDTR: limit=0x00000000, base=0x0000000000000000 [ 368.768762] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 368.777381] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 368.784137] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 368.792379] Interruptibility = 00000000 ActivityState = 00000000 [ 368.803698] *** Host State *** [ 368.807090] RIP = 0xffffffff811c8cac RSP = 0xffff88805b92f8c0 [ 368.813163] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 368.820497] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 368.828689] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 368.836123] CR0=0000000080050033 CR3=00000000953fb000 CR4=00000000001426f0 [ 368.843211] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 368.850246] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 368.857113] *** Control State *** [ 368.860835] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 368.867983] EntryControls=0000d1ff ExitControls=002fefff [ 368.873519] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 368.880918] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 368.888215] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 368.897102] reason=80000021 qualification=0000000000000000 [ 368.905008] IDTVectoring: info=00000000 errcode=00000000 [ 368.910567] TSC Offset = 0xffffff37f259d0f7 [ 368.915867] EPT pointer = 0x00000000976eb01e 14:45:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x4, 0x0, 0x2}, 0x20) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 14:45:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfdfd}}}) 14:45:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x9, 0x30800) getsockopt$inet6_opts(r4, 0x29, 0x3b, &(0x7f0000000100)=""/213, &(0x7f0000000200)=0xd5) 14:45:49 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$PPPIOCSFLAGS(r1, 0x40047459, &(0x7f0000000040)=0x4) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) [ 370.738205] *** Guest State *** 14:45:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xffe7}}}) [ 370.759908] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 370.779433] *** Guest State *** [ 370.796137] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 370.801153] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 370.840082] CR3 = 0x0000000000000000 [ 370.861065] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 370.883671] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 370.900554] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x40086602, 0x0) [ 370.910462] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 370.933101] CR3 = 0x0000000000000000 [ 370.948426] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x1000000}}}) [ 370.954345] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 370.969891] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 370.980924] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 370.985654] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.017607] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.022854] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.046543] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.053855] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.075009] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 371.076529] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.089148] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x2000000}}}) [ 371.121305] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.142421] GDTR: limit=0x00000000, base=0x0000000000000000 [ 371.158922] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.165081] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.189247] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.203637] GDTR: limit=0x00000000, base=0x0000000000000000 [ 371.214462] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x40087602, 0x0) 14:45:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x5000000}}}) [ 371.217793] IDTR: limit=0x00000000, base=0x0000000000000000 [ 371.237740] IDTR: limit=0x00000000, base=0x0000000000000000 [ 371.256039] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.266447] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 371.279024] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 371.289029] Interruptibility = 00000000 ActivityState = 00000000 [ 371.303167] *** Host State *** [ 371.306826] RIP = 0xffffffff811c8cac RSP = 0xffff88805dde78c0 [ 371.313237] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 371.313250] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 371.313260] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 371.313268] Interruptibility = 00000000 ActivityState = 00000000 [ 371.313272] *** Host State *** [ 371.313284] RIP = 0xffffffff811c8cac RSP = 0xffff888060d8f8c0 [ 371.365772] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 371.372558] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 371.387760] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 371.394143] CR0=0000000080050033 CR3=0000000097247000 CR4=00000000001426e0 [ 371.409439] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 371.416532] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 371.432302] *** Control State *** [ 371.436525] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 371.448244] EntryControls=0000d1ff ExitControls=002fefff [ 371.450923] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 371.455293] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 371.463187] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 371.474728] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 371.481521] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 371.492553] CR0=0000000080050033 CR3=000000008941d000 CR4=00000000001426f0 [ 371.493342] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 371.512526] reason=80000021 qualification=0000000000000000 [ 371.523284] IDTVectoring: info=00000000 errcode=00000000 [ 371.529136] TSC Offset = 0xffffff36cf5cd081 [ 371.536519] EPT pointer = 0x000000009edb301e [ 371.541144] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 371.541157] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 371.541161] *** Control State *** [ 371.541170] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 371.541177] EntryControls=0000d1ff ExitControls=002fefff [ 371.541192] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 371.541201] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 371.541208] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 371.541216] reason=80000021 qualification=0000000000000000 [ 371.541222] IDTVectoring: info=00000000 errcode=00000000 [ 371.541228] TSC Offset = 0xffffff36cc7163a5 [ 371.541237] EPT pointer = 0x00000000934bf01e 14:45:52 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) r2 = getpid() ptrace$cont(0x29, r2, 0x2, 0x4) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x20000000}}}) 14:45:52 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000300)={{r1, r2+10000000}, {0x0, 0x1c9c380}}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000000c0)=0x2, 0x4) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r5 = gettid() tkill(r5, 0x1000000000016) tkill(r0, 0x16) 14:45:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 14:45:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 14:45:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/current\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000002c000/0x18000)=nil, 0x0, 0xfffffffffffffd72, 0x0, 0x0, 0xac) r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x20000, 0x0) ioctl$RTC_VL_CLR(r4, 0x7014) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xe7ffffff}}}) 14:45:52 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x7fff, 0x608040) read$FUSE(r2, &(0x7f0000000340), 0x1000) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) ioctl$SIOCNRDECOBS(r2, 0x89e2) 14:45:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 373.930477] *** Guest State *** [ 373.939847] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) [ 373.974157] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 374.008701] CR3 = 0x0000000000000000 14:45:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfdfdffff}}}) [ 374.037077] RSP = 0x0000000000001fc4 RIP = 0x0000000000003e05 [ 374.049963] RFLAGS=0x00010006 DR7 = 0x0000000000000400 [ 374.074003] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000003f}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 374.133836] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.167558] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.199991] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 374.227832] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.250940] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.264873] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.288832] GDTR: limit=0x00000000, base=0x0000000000000000 [ 374.313692] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.336461] IDTR: limit=0x00000000, base=0x0000000000000000 [ 374.346772] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 374.364919] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 374.385154] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 374.396865] Interruptibility = 00000000 ActivityState = 00000000 [ 374.403958] *** Host State *** [ 374.407487] RIP = 0xffffffff811c8cac RSP = 0xffff8880596af8c0 [ 374.413977] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 374.421343] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 374.430648] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 374.437223] CR0=0000000080050033 CR3=00000000a59b3000 CR4=00000000001426f0 [ 374.444499] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 374.451418] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 374.457882] *** Control State *** [ 374.462186] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 374.468871] EntryControls=0000d1ff ExitControls=002fefff [ 374.474446] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 374.481512] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 374.488868] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 374.505625] reason=80000021 qualification=0000000000000000 [ 374.524456] IDTVectoring: info=00000000 errcode=00000000 [ 374.530137] TSC Offset = 0xffffff3528aa0658 [ 374.538843] EPT pointer = 0x000000008b51a01e 14:45:55 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f00000000c0), 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfecaedfe}}}) 14:45:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 14:45:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x3, 0x2) ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000180)={{0x2, 0x4e23, @local}, {0x6, @local}, 0x26, {0x2, 0x4e23, @loopback}, 'bcsh0\x00'}) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) r5 = openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0xa132e29404ed382, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r5, 0x6, 0x15, &(0x7f0000000100)=0x7fbd, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:55 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000001c0)="0adc1f123c123f319bd070") r2 = gettid() tkill(r2, 0x1000000000016) r3 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000001, 0x20800) ioctl$SNDRV_TIMER_IOCTL_GINFO(r3, 0xc0f85403, &(0x7f0000000080)={{0x3, 0x1, 0x3f, 0x3, 0x3608}, 0x1, 0x1309, 'id0\x00', 'timer0\x00\x00\x00\x00\x00\x00\x00\x00\xb2\xc5\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x6, 0x4, 0x400000000000001, 0xffffffff}) tkill(r0, 0x16) 14:45:55 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f00000000c0)={0x1, 0x80000000, 0x6, 0x6, 0x1, 0x8000}) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000140)=0x1) connect$bt_sco(r1, &(0x7f0000000100)={0x1f, {0x200, 0x3, 0x80000001, 0x7fb, 0x9, 0x8001}}, 0x8) 14:45:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfeedcafe}}}) [ 376.872107] *** Guest State *** [ 376.882177] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 376.891476] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:45:55 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000080)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) [ 376.953105] CR3 = 0x0000000000000000 [ 376.969356] RSP = 0x0000000000002000 RIP = 0x0000000000000000 14:45:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfffffdfd}}}) [ 377.011019] *** Guest State *** [ 377.016824] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 377.030858] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) [ 377.060147] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 377.079992] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 377.090121] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.121766] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.130665] CR3 = 0x0000000000000000 [ 377.140780] RSP = 0x0000000000000f80 RIP = 0x0000000000000007 [ 377.156362] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 377.168127] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 377.183780] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.186764] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xffffffe7}}}) [ 377.217908] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.222116] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.243905] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.264492] GDTR: limit=0x00000000, base=0x0000000000000000 [ 377.278357] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.298280] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.306876] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 377.306892] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.306909] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.306924] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.306935] GDTR: limit=0x00000000, base=0x0000000000000000 [ 377.306950] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.306959] IDTR: limit=0x00000000, base=0x0000000000000000 [ 377.306974] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.306982] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 377.306992] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 377.307000] Interruptibility = 00000000 ActivityState = 00000000 [ 377.307004] *** Host State *** [ 377.307013] RIP = 0xffffffff811c8cac RSP = 0xffff888086f7f8c0 [ 377.307032] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 377.307044] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 377.307054] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 14:45:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x100000000000000}}}) [ 377.307066] CR0=0000000080050033 CR3=000000008e6f4000 CR4=00000000001426e0 [ 377.307079] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 377.307090] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 377.307099] *** Control State *** [ 377.380550] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 377.388478] IDTR: limit=0x00000000, base=0x0000000000000000 [ 377.389529] EntryControls=0000d1ff ExitControls=002fefff 14:45:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) 14:45:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x200000000000000}}}) [ 377.416240] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 377.434837] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 377.448726] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 377.462015] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 377.515315] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 377.517866] reason=80000021 qualification=0000000000000000 [ 377.538697] IDTVectoring: info=00000000 errcode=00000000 [ 377.546431] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 377.553547] TSC Offset = 0xffffff337f365938 [ 377.573742] EPT pointer = 0x000000009ae5801e [ 377.576270] Interruptibility = 00000000 ActivityState = 00000000 [ 377.603349] *** Host State *** [ 377.612680] RIP = 0xffffffff811c8cac RSP = 0xffff88805ed8f8c0 [ 377.645103] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 377.690201] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 377.744685] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 377.755658] CR0=0000000080050033 CR3=0000000082557000 CR4=00000000001426e0 [ 377.763089] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 377.770889] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 377.777416] *** Control State *** [ 377.796166] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 377.806906] EntryControls=0000d1ff ExitControls=002fefff [ 377.813140] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 377.825234] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 377.832760] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 377.839782] reason=80000021 qualification=0000000000000000 14:45:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000180)={0x0, 0x1}) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000200)={0x3f, 0x6}) ioctl$UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, &(0x7f00000001c0)={0xf, 0x4, 0x41c3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_DBG_G_REGISTER(r4, 0xc0385650, &(0x7f0000000140)={{0x7, @name="61e4e5f276a63239b802702c30e849e11ca61863d37acb6059a3eb90f8ae896f"}, 0x8, 0x1, 0x9}) syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x10001, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x500000000000000}}}) 14:45:56 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) [ 377.846666] IDTVectoring: info=00000000 errcode=00000000 [ 377.852637] TSC Offset = 0xffffff3388172e11 [ 377.857223] EPT pointer = 0x00000000a056601e [ 377.878118] *** Guest State *** [ 377.883821] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 377.935119] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 377.959562] CR3 = 0x0000000000000000 14:45:56 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x3491cf1f, 0x4000) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x1, 0x42, 0x3, 0x2f, 0x200, 0x7, 0x8, 0x50c, 0x9, 0xffffffffffff0cdf, 0x100000001}, 0xb) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0xf}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f00000000c0)={@multicast2, @multicast2, @multicast2}, 0xc) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0xffffffff) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r1, 0x16) 14:45:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x2000000000000000}}}) [ 377.979094] RSP = 0x0000000000000f80 RIP = 0x0000000000000007 [ 377.994668] *** Guest State *** [ 378.007115] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 378.018537] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 378.046910] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 378.062376] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 378.083162] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:56 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x3ff, &(0x7f0000000140)="0adc1f123c123f319bd0705a32eb5a63aa70753a9a516e72270e549b5347ecdca1988499825a0f453c01c1b98d6743a7d47193aff94271c2711404b19d17c77f103165bec9356370a4c211f4b1b41d88cc6706b4baf690a143c9b3adc49c5046b9c990516aefba9d32ba36d905") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0xc0001, 0x0) [ 378.106654] CR3 = 0x0000000000000000 [ 378.117361] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 378.128203] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.144918] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}}}) 14:45:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x80086601, 0x0) [ 378.153099] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 378.165079] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 378.188474] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.206783] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.227468] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.239235] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.266056] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.289190] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 378.304417] GDTR: limit=0x00000000, base=0x0000000000000000 14:45:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfdfdffff00000000}}}) [ 378.311759] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.326994] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.335717] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.350062] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.360141] GDTR: limit=0x00000000, base=0x0000000000000000 [ 378.372654] IDTR: limit=0x00000000, base=0x0000000000000000 [ 378.385940] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfdfdffffffffffff}}}) [ 378.412645] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.421031] IDTR: limit=0x00000000, base=0x0000000000000000 [ 378.434281] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 378.445097] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 378.456614] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 378.464578] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 378.471251] Interruptibility = 00000000 ActivityState = 00000000 [ 378.477815] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 378.485572] *** Host State *** [ 378.488970] RIP = 0xffffffff811c8cac RSP = 0xffff8880596378c0 [ 378.518309] Interruptibility = 00000000 ActivityState = 00000000 [ 378.532150] *** Host State *** [ 378.549875] RIP = 0xffffffff811c8cac RSP = 0xffff88805fb778c0 [ 378.561793] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 378.569356] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 378.590768] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 378.601753] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 378.610277] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 378.640881] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 378.649210] CR0=0000000080050033 CR3=0000000093a31000 CR4=00000000001426f0 [ 378.656339] CR0=0000000080050033 CR3=00000000a3992000 CR4=00000000001426e0 [ 378.656355] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 378.656365] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 378.656370] *** Control State *** [ 378.656378] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 378.656385] EntryControls=0000d1ff ExitControls=002fefff [ 378.656396] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 378.656404] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 378.656412] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 378.656419] reason=80000021 qualification=0000000000000000 [ 378.656425] IDTVectoring: info=00000000 errcode=00000000 [ 378.656431] TSC Offset = 0xffffff3302b9e027 [ 378.656438] EPT pointer = 0x000000009c64601e 14:45:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 378.719334] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 378.758227] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 378.767752] *** Control State *** [ 378.772980] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 378.787597] EntryControls=0000d1ff ExitControls=002fefff [ 378.807681] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 378.824753] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 378.832395] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 378.839290] reason=80000021 qualification=0000000000000000 [ 378.847594] IDTVectoring: info=00000000 errcode=00000000 [ 378.853666] TSC Offset = 0xffffff32ede03d27 [ 378.858175] EPT pointer = 0x000000009104401e [ 378.868468] *** Guest State *** [ 378.872176] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 14:45:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x0, 0x2) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x7, @rand_addr="30c06e446e83467a94cb191f47027239", 0xff}}, 0x0, 0x101, 0x0, "871d2ad83fda77aa0cafb31ae42f0dccc94d19b725fe015d65ccdf21880dffc040570100bdb6f7f91df4d2d2262f185295b86102ca04490fe859bc5fe27470e0b4fd5611289d3133b92c3b21c10a19f3"}, 0xd8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f0000000200)=0x1b, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfecaedfe00000000}}}) 14:45:57 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) shutdown(r0, 0x1) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) rt_tgsigqueueinfo(r2, r2, 0x12, &(0x7f00000000c0)={0x13, 0x3, 0x2}) ioctl$TIOCNOTTY(r1, 0x5422) tkill(r2, 0x3c) bind$isdn(r1, &(0x7f0000000140)={0x22, 0x7, 0xae0, 0x9, 0xa00000}, 0x6) fcntl$setstatus(r0, 0x4, 0x42803) 14:45:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x80087601, 0x0) [ 378.886604] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 378.896431] CR3 = 0x0000000000000000 [ 378.907786] RSP = 0x0000000000000f80 RIP = 0x0000000000000007 [ 378.937388] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 378.964308] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:45:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xfffffffffffffdfd}}}) [ 378.994973] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.019367] *** Guest State *** [ 379.024627] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.045638] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 379.056173] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 379.074344] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 379.086154] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:57 executing program 5: pause() r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 379.117079] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.119788] CR3 = 0x0000000000000000 [ 379.139784] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 379.140998] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.160584] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:45:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0xffffffffffffffe7}}}) 14:45:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) [ 379.166794] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 379.224617] GDTR: limit=0x00000000, base=0x0000000000000000 [ 379.245566] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.254662] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.273546] IDTR: limit=0x00000000, base=0x0000000000000000 [ 379.288538] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.297942] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 379.310508] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x2}}}) [ 379.322029] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 379.331099] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 379.341801] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.351334] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.360238] Interruptibility = 00000000 ActivityState = 00000000 [ 379.370103] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.381033] *** Host State *** [ 379.388522] RIP = 0xffffffff811c8cac RSP = 0xffff8880862f78c0 [ 379.404006] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) [ 379.417936] GDTR: limit=0x00000000, base=0x0000000000000000 [ 379.442485] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 379.465504] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:45:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x5}}}) [ 379.479988] IDTR: limit=0x00000000, base=0x0000000000000000 [ 379.494778] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 379.519510] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 379.526906] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 379.549534] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 379.562623] CR0=0000000080050033 CR3=00000000a3992000 CR4=00000000001426e0 [ 379.562639] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 379.562650] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 379.562655] *** Control State *** [ 379.562663] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 379.562670] EntryControls=0000d1ff ExitControls=002fefff [ 379.562680] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 379.562687] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 379.562695] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 379.562701] reason=80000021 qualification=0000000000000000 [ 379.562708] IDTVectoring: info=00000000 errcode=00000000 [ 379.562713] TSC Offset = 0xffffff327785fe98 [ 379.562721] EPT pointer = 0x000000008b2a701e [ 379.588676] Interruptibility = 00000000 ActivityState = 00000000 [ 379.605992] *** Host State *** [ 379.627609] RIP = 0xffffffff811c8cac RSP = 0xffff88805935f8c0 [ 379.638738] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:45:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 379.683332] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 379.697133] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 379.705656] CR0=0000000080050033 CR3=000000009534d000 CR4=00000000001426f0 [ 379.717769] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 379.729547] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 379.744129] *** Control State *** [ 379.755835] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 379.773782] EntryControls=0000d1ff ExitControls=002fefff [ 379.784843] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 379.804110] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 379.816013] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 14:45:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000140)=@v1={0x2, "bb82ea"}, 0x4, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:45:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xe7}}}) 14:45:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 379.838187] reason=80000021 qualification=0000000000000000 [ 379.853400] IDTVectoring: info=00000000 errcode=00000000 [ 379.859162] TSC Offset = 0xffffff32601d0785 [ 379.869590] EPT pointer = 0x00000000888d801e [ 379.983747] *** Guest State *** [ 379.988075] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 379.998127] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 380.008711] CR3 = 0x0000000000000000 [ 380.021238] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 380.027833] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 380.038472] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 380.046411] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.060898] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.069260] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 380.083157] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.092227] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.100336] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.100349] GDTR: limit=0x00000000, base=0x0000000000000000 [ 380.100369] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.123888] IDTR: limit=0x00000000, base=0x0000000000000000 [ 380.139875] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 380.148428] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 380.167163] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 380.177081] Interruptibility = 00000000 ActivityState = 00000000 [ 380.184096] *** Host State *** [ 380.187529] RIP = 0xffffffff811c8cac RSP = 0xffff8880558af8c0 [ 380.199482] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 380.207079] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 380.215196] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 380.221387] CR0=0000000080050033 CR3=00000000a0059000 CR4=00000000001426e0 [ 380.228427] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 380.235190] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 380.241533] *** Control State *** [ 380.244994] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 380.251795] EntryControls=0000d1ff ExitControls=002fefff [ 380.257631] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 380.264947] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 380.271716] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 380.278310] reason=80000021 qualification=0000000000000000 [ 380.285067] IDTVectoring: info=00000000 errcode=00000000 [ 380.290569] TSC Offset = 0xffffff31dc8ed389 [ 380.295259] EPT pointer = 0x00000000aa2fb01e 14:46:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x500}}}) 14:46:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 14:46:00 executing program 5: r0 = gettid() r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000040)={0x2, 0x0, @initdev}, &(0x7f0000000080)=0xffffffffffffff67, 0x80000) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000000c0), &(0x7f0000000100)=0x4) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$bt_BT_CHANNEL_POLICY(r4, 0x112, 0xa, &(0x7f00000003c0)=0x10001, 0x4) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") write$binfmt_misc(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="73797a31d1810af7f752e94fc40f59dd7d992f5e41a5df4e93bde5"], 0x24) r5 = dup(r2) ioctl$VIDIOC_DBG_S_REGISTER(r5, 0x4038564f, &(0x7f0000000140)={{0x0, @addr=0x6a3}, 0x8, 0x8695, 0x10000}) r6 = openat(r5, &(0x7f00000001c0)='./file0\x00', 0x8002, 0x1f1) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r6, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, r7, 0x300, 0x70bd2a, 0x25dfdbff, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x3ff}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x400c004) ioctl$DRM_IOCTL_INFO_BUFS(r5, 0xc0106418, &(0x7f0000000400)={0x9, 0x1, 0x0, 0x401, 0x10}) poll(0x0, 0xffffff0e, 0x100) r8 = gettid() tkill(r8, 0x1000000000016) ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0x80000001, 0x7, 0xfffffffffffffff8, 0xffffffff], 0x4, 0xfff, 0x72, 0x81, 0x5, 0x0, {0x1ff, 0x3, 0xb54, 0x6, 0x1, 0x5, 0x9, 0x6, 0x17, 0x4, 0x8, 0xffffffff, 0x6b00000000000, 0x9, "926d7618cc2e617a31acfc797243e028ba7240e45af23270f2fb28adb870ecea"}}) prctl$PR_SET_SECUREBITS(0x1c, 0xec2ff9f9c06aae0c) tkill(r0, 0x16) 14:46:00 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) prctl$PR_GET_CHILD_SUBREAPER(0x25) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:00 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0xfffffffffffffffe}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = syz_open_dev$media(&(0x7f0000000140)='/dev/media#\x00', 0x43d, 0x400) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x40000, 0x0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000080)=0x28) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) sched_getattr(r0, &(0x7f0000000100), 0x30, 0x0) r4 = gettid() fcntl$setownex(r3, 0xf, &(0x7f00000000c0)={0x0, r0}) tkill(r4, 0x1000000000016) tkill(r0, 0x16) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_init_net_socket$ax25(0x3, 0x3, 0x0) 14:46:00 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x50000, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x2, 0x9}) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x132224) socket$inet6_udp(0xa, 0x2, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) fcntl$getownex(r1, 0x10, &(0x7f0000000180)) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) fcntl$setownex(r0, 0xf, &(0x7f00000000c0)={0x2, r3}) fcntl$setstatus(r0, 0x4, 0x42803) [ 382.013900] *** Guest State *** 14:46:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x2000}}}) [ 382.036508] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 382.050618] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 382.059591] CR3 = 0x0000000000000000 [ 382.116705] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 382.128347] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:46:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xe7ff}}}) 14:46:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 382.158516] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 382.170824] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.196248] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.230630] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 382.264612] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 14:46:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfdfd}}}) [ 382.284776] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.307242] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.334617] GDTR: limit=0x00000000, base=0x0000000000000000 [ 382.361374] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xffe7}}}) [ 382.392264] IDTR: limit=0x00000000, base=0x0000000000000000 [ 382.423776] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 382.454733] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 382.471530] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 382.479345] Interruptibility = 00000000 ActivityState = 00000000 14:46:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x1000000}}}) [ 382.627048] *** Guest State *** [ 382.636813] *** Host State *** [ 382.647864] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 382.657339] RIP = 0xffffffff811c8cac RSP = 0xffff88805bcef8c0 14:46:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) [ 382.675417] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 382.681293] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 382.694031] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 382.713919] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 382.728944] CR0=0000000080050033 CR3=000000008ec66000 CR4=00000000001426f0 [ 382.742112] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 382.758484] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 382.768145] CR3 = 0x0000000000000000 [ 382.779009] RSP = 0x0000000000000040 RIP = 0x0000000000000007 [ 382.789218] RFLAGS=0x00310042 DR7 = 0x0000000000000400 [ 382.800288] *** Control State *** [ 382.816529] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 382.818990] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 382.837122] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.845361] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.847535] EntryControls=0000d1ff ExitControls=002fefff [ 382.853813] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 382.869191] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 382.876427] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.876447] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.876463] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.876474] GDTR: limit=0x00000000, base=0x0000000000000000 [ 382.876490] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.898794] IDTR: limit=0x00000000, base=0x0000000000000000 [ 382.910785] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 382.917625] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 382.930323] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 382.936535] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 382.945726] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 382.947768] reason=80000021 qualification=0000000000000000 [ 382.959585] Interruptibility = 00000000 ActivityState = 00000000 [ 382.962285] IDTVectoring: info=00000000 errcode=00000000 14:46:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0x40400, 0x0) ioctl$SIOCX25SCAUSEDIAG(r2, 0x89ec, &(0x7f0000000440)={0x2, 0x200}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/policy\x00', 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x2, r5, 0x1}) ioctl$SG_GET_VERSION_NUM(r2, 0x2282, &(0x7f0000000480)) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r5, 0x84, 0xe, &(0x7f0000000140)={0x0, 0x0, 0x4, 0xffffffff00000000, 0x0, 0x800, 0x2, 0x58f, {0x0, @in6={{0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5}}, 0x8, 0x10001, 0x0, 0x9, 0x4}}, &(0x7f0000000200)=0xb0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000240)={r6, 0x4, 0xde}, &(0x7f0000000280)=0x8) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 382.968604] *** Host State *** [ 382.975315] TSC Offset = 0xffffff30c6d39565 [ 382.985759] RIP = 0xffffffff811c8cac RSP = 0xffff8880586278c0 [ 382.988956] EPT pointer = 0x0000000095edf01e [ 382.997094] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 383.016569] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 383.042533] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 383.057687] CR0=0000000080050033 CR3=000000008a4c4000 CR4=00000000001426e0 [ 383.083703] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 383.097049] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 383.108755] *** Control State *** [ 383.112616] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 383.124913] EntryControls=0000d1ff ExitControls=002fefff [ 383.130622] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 383.163770] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 383.173455] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 383.185831] reason=80000021 qualification=0000000000000000 [ 383.197256] IDTVectoring: info=00000000 errcode=00000000 [ 383.205721] TSC Offset = 0xffffff3077b037dd [ 383.213417] EPT pointer = 0x0000000085b4f01e 14:46:03 executing program 5: r0 = gettid() r1 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x1, 0x2) socketpair(0x8, 0xa, 0x8, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f0000000080), &(0x7f00000000c0)=0x40) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r4 = gettid() tkill(r4, 0x1000000000016) tkill(r0, 0x16) ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f0000000140)) 14:46:03 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0xc8080, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000100)={0x4, 0x0, 0xfff, 0x8, 0x3, 0x7, 0xad6e, 0xa7, 0x101, 0x10001}) r2 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x132224) r3 = msgget$private(0x0, 0x100) msgctl$IPC_STAT(r3, 0x2, &(0x7f00000001c0)=""/103) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = msgget$private(0x0, 0x691) msgctl$IPC_STAT(r4, 0x2, &(0x7f0000000140)=""/79) r5 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@local, 0xfffffffffffffffa, 0x0, 0x0, 0x3, 0x0, 0x2}, 0xffffffffffffff0a) ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x2000000}}}) 14:46:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 14:46:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000003f000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000080)="66b8cd008ec8ea89a80000ba00c4c37909438ee5c4e1f165ac9fc5ca0000b90a080000b800900000ba000000000f3066baf80cb8684f9d80ef66bafc0cedc4c2018c57ea0f01ca2e670f001eac00f26e", 0x50}], 0x1, 0x20, &(0x7f0000000140)=[@cr0={0x0, 0x1}, @cstype0={0x4, 0x1}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:03 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) socket$nl_crypto(0x10, 0x3, 0x15) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) kcmp(r2, r2, 0x0, r1, r1) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x40000, 0x0) ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000080)) 14:46:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x5000000}}}) [ 385.208397] *** Guest State *** [ 385.231170] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 385.264837] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 385.296483] CR3 = 0x0000000000000000 [ 385.302391] RSP = 0x0000000000000040 RIP = 0x0000000000000007 [ 385.311142] RFLAGS=0x00310042 DR7 = 0x0000000000000400 [ 385.317419] *** Guest State *** [ 385.318524] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 385.328368] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x20000000}}}) [ 385.338578] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 385.338905] audit: type=1400 audit(1555339563.767:144): avc: denied { create } for pid=22934 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 385.373948] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.384044] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 385.393448] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.403634] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.413049] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.422689] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:46:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x4000) [ 385.446936] GDTR: limit=0x00000000, base=0x0000000000000000 [ 385.456478] CR3 = 0x0000000000000000 [ 385.478741] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff}}}) [ 385.497399] IDTR: limit=0x00000000, base=0x0000000000000000 [ 385.515669] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.517703] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 385.536923] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 385.565166] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 385.584050] Interruptibility = 00000000 ActivityState = 00000000 [ 385.600068] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 385.608334] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:46:04 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() tkill(r2, 0x25) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r2, r1, 0x0, 0x5, &(0x7f0000000100)='proc\x00', 0x0}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180)=r3, 0x4) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) open(&(0x7f00000000c0)='./file0\x00', 0xa0000, 0x0) fcntl$setstatus(r0, 0x4, 0x42803) [ 385.616246] *** Host State *** [ 385.624112] RIP = 0xffffffff811c8cac RSP = 0xffff8880576c78c0 [ 385.634659] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.644179] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 385.653443] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}}}) [ 385.662690] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 385.674867] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 385.684192] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 385.690952] CR0=0000000080050033 CR3=00000000a99bc000 CR4=00000000001426f0 [ 385.698991] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.707989] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 385.720554] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.734938] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 385.754738] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:04 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x7400) [ 385.768521] *** Control State *** [ 385.776561] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 385.786903] GDTR: limit=0x00000000, base=0x0000000000000000 [ 385.799882] EntryControls=0000d1ff ExitControls=002fefff [ 385.824299] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.834239] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 385.855292] IDTR: limit=0x00000000, base=0x0000000000000000 14:46:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe}}}) [ 385.868603] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 385.879762] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 385.887898] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 385.917657] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 385.942764] reason=80000021 qualification=0000000000000000 [ 385.965793] IDTVectoring: info=00000000 errcode=00000000 [ 385.975719] TSC Offset = 0xffffff2f12624833 [ 385.983136] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 385.995222] EPT pointer = 0x0000000090aa601e [ 386.008332] Interruptibility = 00000000 ActivityState = 00000000 [ 386.045284] *** Host State *** [ 386.070259] RIP = 0xffffffff811c8cac RSP = 0xffff8880560878c0 [ 386.083098] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 386.094644] FSBase=00007f43d5ac7700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 386.119888] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 386.137655] CR0=0000000080050033 CR3=0000000093b75000 CR4=00000000001426e0 [ 386.148966] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 386.161788] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 386.187454] *** Control State *** [ 386.195213] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 386.203101] EntryControls=0000d1ff ExitControls=002fefff [ 386.208803] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 386.215957] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 386.223210] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 386.230207] reason=80000021 qualification=0000000000000000 14:46:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x10000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0xf3c, 0x400000) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r4, &(0x7f0000000540)="3a62b60be3d612d2c430243df90aa2a6c1df8971b4868af4b6f27132fbe15d0c285660ee9b879f4ee911403fe69561003fd308ead81100ecfcd64e1df1e2024338d984a976d909e96ef1fd20e0c01668641e62158692f216ba82074a8bba63f31156f28c54e5e8f290ca37e708cc548b3003c6c726d7cd3909e97cf85ea1d18b2fd0120bc953a2b849bddccf041e8a718f11d976520b54b22effda81c5ec1c56ff4f4c32e43768b02df89e5d2aaeb394ddfa560727d91d1196cf7bd58e0446c34576e9e5e4b383255920f151dec6eae80ef9", &(0x7f00000004c0)=""/111}, 0x18) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_TRANSLATE(r4, 0xc018ae85, &(0x7f0000000400)={0x4000, 0x5000, 0x401, 0x8, 0x367}) ioctl$PERF_EVENT_IOC_ID(r4, 0x80082407, &(0x7f0000000100)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:46:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x9400) 14:46:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfeedcafe}}}) 14:46:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x3d, 0x40, 0x3, 0x3f, 0x20, 0x1, 0x40, 0x4, 0x0, 0x4, 0x7f, 0x7fff, 0x9, 0xfc, 0x20, 0x400], 0x1, 0x300040}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:04 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") setpgid(r0, r0) ioctl$void(r1, 0xc0045878) poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) [ 386.236765] IDTVectoring: info=00000000 errcode=00000000 [ 386.243466] TSC Offset = 0xffffff2f112071c5 [ 386.247893] EPT pointer = 0x000000008286201e 14:46:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}}}) [ 386.349200] *** Guest State *** [ 386.359558] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 386.376333] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 386.387305] CR3 = 0x0000000000000000 [ 386.404862] RSP = 0x0000000000000040 RIP = 0x0000000000000007 [ 386.420599] RFLAGS=0x00310042 DR7 = 0x0000000000000400 [ 386.428544] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 386.436274] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.445406] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.454036] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 386.463697] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000100)=0x8) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}) fcntl$dupfd(r1, 0x406, r0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xffffffe7}}}) 14:46:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x400000) [ 386.483132] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.523248] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.532723] GDTR: limit=0x00000000, base=0x0000000000000000 [ 386.575190] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.617089] IDTR: limit=0x00000000, base=0x0000000000000000 [ 386.629452] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.658103] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 386.670806] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 386.683891] *** Guest State *** [ 386.686626] Interruptibility = 00000000 ActivityState = 00000000 [ 386.687549] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 386.695225] *** Host State *** [ 386.714549] RIP = 0xffffffff811c8cac RSP = 0xffff88805af978c0 [ 386.721936] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 386.726386] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 386.732158] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 386.747169] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 386.755200] CR0=0000000080050033 CR3=0000000082557000 CR4=00000000001426e0 [ 386.761913] CR3 = 0x0000000000000000 [ 386.766545] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 386.767258] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 386.773277] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 386.781396] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 386.786142] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 386.796859] *** Control State *** [ 386.799520] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.802927] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 386.811952] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.823037] EntryControls=0000d1ff ExitControls=002fefff [ 386.826395] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 386.839973] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.840931] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 386.848590] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.855792] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 386.864107] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.876721] VMExit: intr_info=00000000 errcode=00000000 ilen=00000006 [ 386.879084] GDTR: limit=0x00000000, base=0x0000000000000000 [ 386.885791] reason=80000021 qualification=0000000000000000 [ 386.895211] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.907246] IDTVectoring: info=00000000 errcode=00000000 [ 386.910576] IDTR: limit=0x00000000, base=0x0000000000000000 [ 386.917839] TSC Offset = 0xffffff2e74321d9c [ 386.924776] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 386.934100] EPT pointer = 0x0000000089c4001e [ 386.938526] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 386.951191] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 386.958766] Interruptibility = 00000000 ActivityState = 00000000 [ 386.965434] *** Host State *** [ 386.968746] RIP = 0xffffffff811c8cac RSP = 0xffff88805c45f8c0 [ 386.975025] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 386.987985] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 386.996216] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 387.002361] CR0=0000000080050033 CR3=00000000a04af000 CR4=00000000001426f0 [ 387.002377] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 387.002387] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 387.002392] *** Control State *** [ 387.002399] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 387.002405] EntryControls=0000d1ff ExitControls=002fefff [ 387.002418] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 387.002426] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 387.002434] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 387.002441] reason=80000021 qualification=0000000000000000 [ 387.002448] IDTVectoring: info=00000000 errcode=00000000 [ 387.002454] TSC Offset = 0xffffff2e4715f532 [ 387.002463] EPT pointer = 0x000000008a18d01e [ 387.110953] *** Guest State *** [ 387.114611] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 387.124593] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 387.135411] CR3 = 0x0000000000000000 [ 387.139957] RSP = 0x0000000000000f7c RIP = 0x0000000000002000 [ 387.146922] RFLAGS=0x00010892 DR7 = 0x0000000000000400 [ 387.154036] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 387.160839] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.168935] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.177338] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 387.186846] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.196647] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.205049] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.213144] GDTR: limit=0x00000000, base=0x0000000000000000 [ 387.221318] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.229585] IDTR: limit=0x00000000, base=0x0000000000000000 [ 387.238412] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 387.247259] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 387.256850] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 387.265185] Interruptibility = 00000000 ActivityState = 00000000 [ 387.272445] *** Host State *** [ 387.275839] RIP = 0xffffffff811c8cac RSP = 0xffff88805af978c0 [ 387.282209] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 387.289308] FSBase=00007f43d5ac7700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 387.297632] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 387.304285] CR0=0000000080050033 CR3=00000000a04af000 CR4=00000000001426f0 [ 387.311518] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 387.318401] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 387.325422] *** Control State *** [ 387.328898] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 387.336256] EntryControls=0000d1ff ExitControls=002fefff [ 387.341871] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 387.349014] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 387.358935] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 387.365668] reason=80000021 qualification=0000000000000000 [ 387.372649] IDTVectoring: info=00000000 errcode=00000000 [ 387.379490] TSC Offset = 0xffffff2e0b58af4f [ 387.383985] EPT pointer = 0x00000000a8c4901e 14:46:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ff5, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0xfffffffffffffffd) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}}) 14:46:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x507100) 14:46:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:07 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x287, 0x1) r2 = gettid() tkill(r2, 0x1000000000016) tkill(r0, 0x16) 14:46:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x7, 0x101001) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 388.965089] *** Guest State *** 14:46:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}}) [ 388.987382] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 389.026005] *** Guest State *** 14:46:07 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x1) gettid() r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xffffffffffffff7f, 0x800) getsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) syz_init_net_socket$rose(0xb, 0x5, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) write$cgroup_pid(r1, &(0x7f0000000180)=r3, 0x12) tkill(r3, 0x28) [ 389.030706] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 389.052410] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 389.078543] CR3 = 0x0000000000000000 [ 389.094860] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 389.118372] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:46:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x50d000) 14:46:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}}}) [ 389.137173] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 389.161402] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 389.167448] CR3 = 0x0000000000000000 [ 389.174483] RSP = 0x0000000000000f80 RIP = 0x0000000000000007 [ 389.194428] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.203030] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 389.214975] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 389.244361] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.261283] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:07 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") socket$inet6_sctp(0xa, 0x1, 0x84) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x800, 0x0) mkdirat$cgroup(r2, &(0x7f0000000080)='syz0\x00', 0x1ff) poll(0x0, 0x0, 0x77919ce2) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) 14:46:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}}}) [ 389.285838] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 389.318836] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.340589] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.361457] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 389.378408] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.397122] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.410247] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.435194] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ioctl$BLKALIGNOFF(r1, 0x127a, &(0x7f00000000c0)) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x70c000) 14:46:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}}}) [ 389.444224] GDTR: limit=0x00000000, base=0x0000000000000000 [ 389.452652] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.453600] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.515964] GDTR: limit=0x00000000, base=0x0000000000000000 [ 389.521760] IDTR: limit=0x00000000, base=0x0000000000000000 [ 389.582586] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.587824] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.599952] IDTR: limit=0x00000000, base=0x0000000000000000 [ 389.615147] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 389.623307] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 389.639397] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 389.648675] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 389.653926] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 389.670002] Interruptibility = 00000000 ActivityState = 00000000 [ 389.677372] Interruptibility = 00000000 ActivityState = 00000000 [ 389.689795] *** Host State *** [ 389.694777] *** Host State *** [ 389.699055] RIP = 0xffffffff811c8cac RSP = 0xffff88805d9af8c0 [ 389.702225] RIP = 0xffffffff811c8cac RSP = 0xffff8880560878c0 [ 389.707972] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 389.725702] FSBase=00007f43d5ae8700 GSBase=ffff8880ae900000 TRBase=fffffe0000003000 [ 389.738285] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 389.748326] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 389.755652] FSBase=00007fb1e7916700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 389.756567] CR0=0000000080050033 CR3=0000000085b4f000 CR4=00000000001426e0 [ 389.777625] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 389.778943] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 389.785917] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 389.805018] *** Control State *** [ 389.805732] CR0=0000000080050033 CR3=000000009939b000 CR4=00000000001426e0 [ 389.817973] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 389.828340] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 389.844105] EntryControls=0000d1ff ExitControls=002fefff [ 389.848000] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 389.852947] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 389.863801] *** Control State *** [ 389.867383] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 389.869216] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 389.888730] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 389.894148] EntryControls=0000d1ff ExitControls=002fefff [ 389.899127] reason=80000021 qualification=0000000000000000 [ 389.909093] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 389.915572] IDTVectoring: info=00000000 errcode=00000000 [ 389.924963] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 389.934607] TSC Offset = 0xffffff2d0ca8daff 14:46:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}}}) 14:46:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x715000) 14:46:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 389.939240] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 389.939339] EPT pointer = 0x000000008856e01e [ 389.947533] reason=80000021 qualification=0000000000000000 [ 389.958166] IDTVectoring: info=00000000 errcode=00000000 [ 389.964178] TSC Offset = 0xffffff2d0c8b0ff9 [ 389.972859] EPT pointer = 0x000000009099a01e 14:46:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff}}}) [ 390.125895] *** Guest State *** [ 390.148436] *** Guest State *** [ 390.152864] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 390.162697] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 390.172569] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 390.182140] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 390.193733] CR3 = 0x0000000000000000 14:46:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe00000000}}}) [ 390.198020] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 390.205378] CR3 = 0x0000000000000000 [ 390.209539] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 390.209645] RSP = 0x0000000000000f80 RIP = 0x0000000000000007 [ 390.223174] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 390.230556] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 390.238072] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:08 executing program 5: timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f31b5d070") poll(0x0, 0x0, 0x77919ce2) r1 = gettid() tkill(r1, 0x1000000000016) tkill(0x0, 0x16) [ 390.248119] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.257284] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 390.271141] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.277804] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 14:46:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x740000) [ 390.318535] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.341279] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.354415] GDTR: limit=0x00000000, base=0x0000000000000000 14:46:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd}}}) [ 390.364623] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.373458] IDTR: limit=0x00000000, base=0x0000000000000000 [ 390.376092] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.382032] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.401088] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 390.410241] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 390.418673] Interruptibility = 00000000 ActivityState = 00000000 [ 390.425707] *** Host State *** [ 390.429193] RIP = 0xffffffff811c8cac RSP = 0xffff88804b5478c0 [ 390.441057] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 390.453655] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.456166] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 390.495352] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 390.518954] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.523313] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 390.538235] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.542620] CR0=0000000080050033 CR3=0000000092c04000 CR4=00000000001426f0 [ 390.551541] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.554776] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 390.584849] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 390.595391] *** Control State *** [ 390.596306] GDTR: limit=0x00000000, base=0x0000000000000000 [ 390.614342] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 390.623101] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.631234] EntryControls=0000d1ff ExitControls=002fefff [ 390.631249] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 390.631257] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 390.631266] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 390.645752] IDTR: limit=0x00000000, base=0x0000000000000000 [ 390.651315] reason=80000021 qualification=0000000000000000 [ 390.663196] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.667052] IDTVectoring: info=00000000 errcode=00000000 [ 390.678561] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 390.681171] TSC Offset = 0xffffff2c6e1d01e9 [ 390.687269] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 390.693511] EPT pointer = 0x000000009120101e [ 390.711330] Interruptibility = 00000000 ActivityState = 00000000 [ 390.717695] *** Host State *** [ 390.720972] RIP = 0xffffffff811c8cac RSP = 0xffff8880463af8c0 [ 390.720995] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 390.721006] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 390.721016] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 390.721030] CR0=0000000080050033 CR3=0000000093cc9000 CR4=00000000001426f0 [ 390.721045] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 390.721057] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 390.721061] *** Control State *** [ 390.721069] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 390.721075] EntryControls=0000d1ff ExitControls=002fefff [ 390.721087] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 390.721097] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 390.721106] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 390.721112] reason=80000021 qualification=0000000000000000 [ 390.721122] IDTVectoring: info=00000000 errcode=00000000 [ 390.739255] TSC Offset = 0xffffff2c6e4a2395 [ 390.792346] EPT pointer = 0x000000009c06d01e [ 390.890677] *** Guest State *** [ 390.894254] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 390.904081] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 390.914760] CR3 = 0x0000000000000000 [ 390.918795] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 390.925805] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 390.933306] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 390.940758] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.949038] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.957231] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 390.965336] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.974271] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.982944] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 390.991375] GDTR: limit=0x00000000, base=0x0000000000000000 [ 390.999869] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 391.008132] IDTR: limit=0x00000000, base=0x0000000000000000 [ 391.016181] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 391.024498] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 391.031027] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 391.038513] Interruptibility = 00000000 ActivityState = 00000000 [ 391.045595] *** Host State *** [ 391.048810] RIP = 0xffffffff811c8cac RSP = 0xffff88804c3978c0 [ 391.054921] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 391.061411] FSBase=00007f43d5ac7700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 391.069351] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 391.075678] CR0=0000000080050033 CR3=0000000093cc9000 CR4=00000000001426e0 [ 391.082982] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 391.089912] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 391.096007] *** Control State *** [ 391.099495] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 391.106341] EntryControls=0000d1ff ExitControls=002fefff [ 391.112033] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 391.118972] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 391.126156] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 391.133065] reason=80000021 qualification=0000000000000000 [ 391.139919] IDTVectoring: info=00000000 errcode=00000000 [ 391.145672] TSC Offset = 0xffffff2c066af9f4 [ 391.150174] EPT pointer = 0x00000000a92ab01e 14:46:10 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x402, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:10 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7}}}) 14:46:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x80ffff) 14:46:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x101002, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000000)={0xa000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:10 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x600100, 0x0) ioctl$IMCTRLREQ(r2, 0x80044945, &(0x7f0000000080)={0x4085, 0x400, 0x7, 0x7}) poll(0x0, 0xfffffffffffffeb4, 0x77919ce2) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0xff, 0x0, 0xe, 0x8, 0x4, "cca0f71fd18e589a45b4946a8c58ecb54904577075f787c04f73336d0d667f9204863456f08fef0984c9ce766b8f566eed47ae87e1699b7e88074dcd56a6ddc2", "bdabd1dd169866ce64ca573e7fd593c159e6d10ff2ba83804d9130b35a26ea8f273e0677e60ad7676f53c67f6fb4dd3b1f501251225c350238e5b61a5221c4c8", "6994a530f2284b386e340947e03cc58fdf0d030452d2a5404f00017cdcb19dfd", [0x8, 0x1]}) ioctl$VIDIOC_G_FBUF(r2, 0x8030560a, &(0x7f0000000200)={0x40, 0x9, &(0x7f00000001c0)="e8eda6fcde4ed16c070116c9dbf512c8736ab716c70bba020467341b0d104dca481a10ca13ba7693eb49a81a4354d9b799e74b499e5d7b2fc1451739", {0x7, 0x474c, 0x34377b4f, 0x4, 0xfffffffffffffffa, 0x5, 0x5, 0xa2f5}}) r3 = gettid() tkill(r3, 0x1000000000016) tkill(r0, 0x16) 14:46:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}) [ 392.648448] *** Guest State *** [ 392.659531] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 392.691085] *** Guest State *** [ 392.695855] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 392.705428] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 392.730356] CR3 = 0x0000000000000000 14:46:11 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x2, 0x73) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) getresuid(0x0, &(0x7f00000004c0), 0x0) fstat(r1, &(0x7f00000006c0)) connect(r1, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev, 0x6}, 0x80) sendmmsg$inet_sctp(r1, &(0x7f00000003c0), 0x3a301e0909ff38c, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) gettid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffff9c, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r3 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = memfd_create(&(0x7f00000005c0)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x3) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000040)={0x3, 0x1f, 0x62, 0x0, 0xf}) creat(0x0, 0x0) write$binfmt_misc(r4, &(0x7f0000000540)=ANY=[@ANYRES32], 0xfffffda2) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) fcntl$addseals(r4, 0x409, 0x8) tkill(r0, 0x1000000000016) tkill(r0, 0x16) [ 392.730485] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 392.753536] CR3 = 0x0000000000000000 [ 392.753883] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 392.760743] RSP = 0x0000000000000f80 RIP = 0x0000000000008000 14:46:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}}) [ 392.789958] RFLAGS=0x00010002 DR7 = 0x0000000000000400 14:46:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x940000) [ 392.831143] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 392.839441] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 392.885494] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 392.900112] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7}}}) [ 392.938832] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 392.942582] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 392.969937] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 392.990784] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 393.030559] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 393.037049] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 393.094948] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 393.098013] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}}}) [ 393.143153] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 393.186562] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 393.195436] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 393.221909] GDTR: limit=0x00000000, base=0x0000000000000000 [ 393.245522] GDTR: limit=0x00000000, base=0x0000000000000000 [ 393.247650] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 393.278119] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 393.307368] IDTR: limit=0x00000000, base=0x0000000000000000 [ 393.307546] IDTR: limit=0x00000000, base=0x0000000000000000 [ 393.338255] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 14:46:11 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = dup2(r0, r0) ioctl$sock_x25_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={@null=' \x00', 0xd, 'bcsh0\x00'}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x15}, 0xfffffffffffffffa, 0x101, 0x0, 0x8, 0x0, 0x2}, 0xd5f4eb2bb8d6f5) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000180)={'ipvs\x00'}, &(0x7f00000001c0)=0x1e) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) perf_event_open(&(0x7f0000000100)={0x7, 0x70, 0x6, 0x10000, 0x9, 0x0, 0x0, 0x200, 0x100, 0x4, 0x120d, 0x7ff, 0x8235, 0xba, 0x8, 0x20, 0xfffffffffffffffd, 0x80, 0x8000, 0x2, 0x3, 0x400, 0x10001, 0x40, 0x4, 0x8, 0x3, 0x6, 0xffffffff, 0x2, 0x0, 0x9, 0x2, 0x3f, 0x7, 0xff, 0x80000000000b, 0x4, 0x0, 0x1, 0x5, @perf_bp={&(0x7f00000000c0), 0x8}, 0x8000, 0x4, 0x2, 0x9, 0x69f4, 0x1, 0x5}, r2, 0xe, r1, 0x3) fcntl$setstatus(r0, 0x4, 0x42803) 14:46:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}}}) [ 393.369323] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 393.396898] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 393.427140] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 393.438025] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 393.467001] Interruptibility = 00000008 ActivityState = 00000000 [ 393.486744] *** Host State *** [ 393.490235] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 393.502969] RIP = 0xffffffff811c8cac RSP = 0xffff88805dbf78c0 [ 393.525383] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 393.559813] Interruptibility = 00000000 ActivityState = 00000000 [ 393.566278] *** Host State *** [ 393.569569] FSBase=00007fb1e7916700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 393.578566] RIP = 0xffffffff811c8cac RSP = 0xffff8880463af8c0 [ 393.596361] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 393.609994] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 393.616110] CR0=0000000080050033 CR3=00000000a7df3000 CR4=00000000001426f0 [ 393.623710] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 393.632006] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 393.638101] CR0=0000000080050033 CR3=000000008e3a9000 CR4=00000000001426f0 [ 393.649866] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 393.656568] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 393.663386] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 393.670528] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 393.676910] *** Control State *** [ 393.681004] *** Control State *** [ 393.684474] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 393.691755] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 393.698646] EntryControls=0000d1ff ExitControls=002fefff [ 393.709888] EntryControls=0000d1ff ExitControls=002fefff [ 393.716266] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 393.724648] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 393.732271] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 393.739362] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 393.746471] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 393.753604] reason=80000021 qualification=0000000000000000 [ 393.760348] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 393.767034] reason=80000021 qualification=0000000000000000 [ 393.779801] IDTVectoring: info=00000000 errcode=00000000 [ 393.785387] TSC Offset = 0xffffff2b156411b4 [ 393.790308] EPT pointer = 0x00000000927c201e [ 393.795092] IDTVectoring: info=00000000 errcode=00000000 [ 393.812264] TSC Offset = 0xffffff2b15c1c1fa [ 393.829872] EPT pointer = 0x0000000094e1f01e 14:46:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000400)=""/110) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000041000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000180)="36360f01ca66b9b60b00000f3266b8630000000f23c00f21f86635020000000f23f80fc729640f300f01c9b805008ec866b93f03000066b80100000066ba000000000f3064da82000066b9800000c00f326635004000000f30", 0x59}], 0x1, 0x33, &(0x7f0000000240), 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff}}}) 14:46:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000000100)={0x1, [0x1]}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000000)={0x2000ec3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000002f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x80000003f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:46:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd}}}) [ 394.042503] *** Guest State *** 14:46:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7}}}) [ 394.067483] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 394.115252] *** Guest State *** [ 394.130064] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 394.139221] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:46:12 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") poll(0x0, 0x0, 0x77919ce2) r2 = gettid() tkill(r2, 0x1000000000016) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x8, 0x400) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000180)={0x0, 0x5d4}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000200)={r4, 0x6, 0x97b}, &(0x7f0000000240)=0x8) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000280)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000000000000000000000300"/88], 0x58) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000080)={0x0, 0xffff, 0x3, 0x7ff, 0x0, 0x3}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000100)={0x6, 0x1, 0xfffffffffffffffc, 0x61832c16, r5}, &(0x7f0000000140)=0x10) tkill(r0, 0x16) [ 394.178968] CR3 = 0x0000000000000000 [ 394.189274] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 394.190081] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 394.217073] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 394.247684] CR3 = 0x0000000000000000 [ 394.250086] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 394.258495] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.260667] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 394.288137] RFLAGS=0x00000002 DR7 = 0x0000000000000400 14:46:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$video(&(0x7f0000000800)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}}) [ 394.295135] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.333558] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 394.344918] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 394.357568] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.367471] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.385341] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.416008] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.419075] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.440550] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 394.446701] GDTR: limit=0x00000000, base=0x0000000000000000 [ 394.450359] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.471479] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.472834] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.489796] IDTR: limit=0x00000000, base=0x0000000000000000 [ 394.494809] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.507403] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.517482] GDTR: limit=0x00000000, base=0x0000000000000000 [ 394.529906] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 394.549901] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 394.555485] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.573563] Interruptibility = 00000000 ActivityState = 00000000 [ 394.589827] *** Host State *** [ 394.593533] RIP = 0xffffffff811c8cac RSP = 0xffff8880463af8c0 [ 394.609905] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 394.617945] IDTR: limit=0x00000000, base=0x0000000000000000 [ 394.626626] FSBase=00007f43d5ae8700 GSBase=ffff8880ae800000 TRBase=fffffe0000003000 [ 394.645613] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 394.650149] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 394.659914] CR0=0000000080050033 CR3=0000000087d60000 CR4=00000000001426f0 [ 394.667199] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 394.689825] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 394.714735] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 394.719838] *** Control State *** [ 394.725035] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 394.731383] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 394.739829] EntryControls=0000d1ff ExitControls=002fefff [ 394.739844] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 394.739852] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 394.739861] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 394.739868] reason=80000021 qualification=0000000000000000 [ 394.739874] IDTVectoring: info=00000000 errcode=00000000 [ 394.739881] TSC Offset = 0xffffff2a581c382e [ 394.739889] EPT pointer = 0x00000000a5a0b01e [ 394.764544] Interruptibility = 00000000 ActivityState = 00000000 [ 394.846170] *** Host State *** [ 394.850992] *** Guest State *** [ 394.859164] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 394.859972] RIP = 0xffffffff811c8cac RSP = 0xffff888059de78c0 [ 394.890939] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 394.911861] CR3 = 0x0000000000000000 [ 394.920567] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 394.920831] RSP = 0x0000000000002000 RIP = 0x0000000000000000 [ 394.933527] FSBase=00007fb1e78f5700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 394.939798] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 394.962960] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 394.964845] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 394.976193] CR0=0000000080050033 CR3=000000008dfa3000 CR4=00000000001426e0 [ 394.977560] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.004874] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff870013a0 [ 395.015622] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.019814] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 395.035135] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 395.048229] *** Control State *** [ 395.061265] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.075431] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 395.077207] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.082983] EntryControls=0000d1ff ExitControls=002fefff [ 395.082998] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 395.083006] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 395.083015] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 395.083023] reason=80000021 qualification=0000000000000000 [ 395.083030] IDTVectoring: info=00000000 errcode=00000000 [ 395.083036] TSC Offset = 0xffffff2a52d65f09 [ 395.083051] EPT pointer = 0x00000000887ce01e [ 395.168384] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.183035] GDTR: limit=0x00000000, base=0x0000000000000000 [ 395.200397] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.208571] IDTR: limit=0x00000000, base=0x0000000000000000 [ 395.249782] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 395.257929] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 395.289776] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 395.297412] Interruptibility = 00000000 ActivityState = 00000000 [ 395.314251] *** Host State *** [ 395.317693] RIP = 0xffffffff811c8cac RSP = 0xffff8880a07e78c0 [ 395.327834] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 395.348052] FSBase=00007f43d5ac7700 GSBase=ffff8880ae800000 TRBase=fffffe0000034000 [ 395.371161] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 395.379862] CR0=0000000080050033 CR3=0000000087d60000 CR4=00000000001426f0 [ 395.386940] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff870013a0 [ 395.419796] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 395.427487] *** Control State *** [ 395.449823] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 395.457634] EntryControls=0000d1ff ExitControls=002fefff [ 395.473177] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 395.488565] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 395.495785] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 395.502931] reason=80000021 qualification=0000000000000000 [ 395.509302] IDTVectoring: info=00000000 errcode=00000000 [ 395.532792] device bridge_slave_1 left promiscuous mode [ 395.539435] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.547885] TSC Offset = 0xffffff29e51b8534 [ 395.553855] EPT pointer = 0x000000009285901e [ 395.627333] device bridge_slave_0 left promiscuous mode [ 395.639537] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.802232] device hsr_slave_1 left promiscuous mode [ 395.854909] device hsr_slave_0 left promiscuous mode [ 395.904329] team0 (unregistering): Port device team_slave_1 removed [ 395.915556] team0 (unregistering): Port device team_slave_0 removed [ 395.928811] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 395.994795] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 396.085904] bond0 (unregistering): Released all slaves [ 396.765312] IPVS: ftp: loaded support on port[0] = 21 [ 396.906477] chnl_net:caif_netlink_parms(): no params data found [ 396.977955] bridge0: port 1(bridge_slave_0) entered blocking state [ 396.986923] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.999551] device bridge_slave_0 entered promiscuous mode [ 397.008566] bridge0: port 2(bridge_slave_1) entered blocking state [ 397.021599] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.034044] device bridge_slave_1 entered promiscuous mode [ 397.065601] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 397.082069] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 397.114841] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 397.124564] team0: Port device team_slave_0 added [ 397.134573] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 397.144635] team0: Port device team_slave_1 added [ 397.155648] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 397.165392] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 397.254635] device hsr_slave_0 entered promiscuous mode [ 397.290317] device hsr_slave_1 entered promiscuous mode [ 397.330461] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 397.337595] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 397.353398] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 397.372435] WARNING: CPU: 0 PID: 23 at net/ipv6/xfrm6_tunnel.c:351 xfrm6_tunnel_net_exit+0x1df/0x370 [ 397.381985] Kernel panic - not syncing: panic_on_warn set ... [ 397.381985] [ 397.389555] CPU: 0 PID: 23 Comm: kworker/u4:1 Not tainted 4.19.34 #2 [ 397.392534] 8021q: adding VLAN 0 to HW filter on device bond0 [ 397.396075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.405505] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 397.411547] Workqueue: netns cleanup_net [ 397.411558] Call Trace: [ 397.411583] dump_stack+0x172/0x1f0 [ 397.421395] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 397.422964] panic+0x263/0x51d [ 397.439906] ? __warn_printk+0xf3/0xf3 [ 397.443798] ? xfrm6_tunnel_net_exit+0x1df/0x370 [ 397.448648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.454214] ? __warn.cold+0x5/0x54 [ 397.457949] ? __warn+0xe8/0x1d0 [ 397.461405] ? xfrm6_tunnel_net_exit+0x1df/0x370 [ 397.467779] __warn.cold+0x20/0x54 [ 397.471852] ? kasan_check_read+0x11/0x20 [ 397.476393] ? xfrm6_tunnel_net_exit+0x1df/0x370 [ 397.481149] report_bug+0x263/0x2b0 [ 397.484878] do_error_trap+0x204/0x360 [ 397.488855] ? math_error+0x340/0x340 [ 397.492745] ? __flush_work+0x48c/0x840 [ 397.496735] ? error_entry+0x76/0xd0 [ 397.500462] ? trace_hardirqs_off_caller+0x65/0x220 [ 397.507733] ? flush_workqueue_prep_pwqs+0x590/0x590 [ 397.512843] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.517991] do_invalid_op+0x1b/0x20 [ 397.521839] invalid_op+0x14/0x20 [ 397.525306] RIP: 0010:xfrm6_tunnel_net_exit+0x1df/0x370 [ 397.531280] Code: 4c 89 e0 48 c1 e8 03 42 80 3c 38 00 0f 85 73 01 00 00 4d 8b 34 24 31 ff 4c 89 f6 e8 7b b8 61 fb 4d 85 f6 74 b3 e8 d1 b6 61 fb <0f> 0b eb aa 48 81 c3 00 08 00 00 45 31 e4 49 be 00 00 00 00 00 fc [ 397.551534] RSP: 0018:ffff8880aa39fbe0 EFLAGS: 00010293 [ 397.556998] RAX: ffff8880aa392600 RBX: ffff88808aa400c0 RCX: ffffffff86098065 [ 397.564415] RDX: 0000000000000000 RSI: ffffffff8609806f RDI: 0000000000000007 [ 397.571855] RBP: ffff8880aa39fc08 R08: ffff8880aa392600 R09: ffff8880aa392ef0 [ 397.579323] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88808aa40178 [ 397.589262] R13: 0000000000000017 R14: ffff888092d40780 R15: dffffc0000000000 [ 397.597553] ? xfrm6_tunnel_net_exit+0x1d5/0x370 [ 397.602584] ? xfrm6_tunnel_net_exit+0x1df/0x370 [ 397.607877] ? xfrm6_tunnel_alloc_spi+0x920/0x920 [ 397.612731] ops_exit_list.isra.0+0xb0/0x160 [ 397.617254] cleanup_net+0x3fb/0x960 [ 397.621058] ? unregister_pernet_device+0x80/0x80 [ 397.626019] ? __lock_is_held+0xb6/0x140 [ 397.630739] process_one_work+0x98e/0x1760 [ 397.635257] ? pwq_dec_nr_in_flight+0x320/0x320 [ 397.639956] ? lock_acquire+0x16f/0x3f0 [ 397.643937] ? kasan_check_write+0x14/0x20 [ 397.648220] ? do_raw_spin_lock+0xc8/0x240 [ 397.652560] worker_thread+0x98/0xe40 [ 397.656365] ? trace_hardirqs_on+0x67/0x230 [ 397.660702] kthread+0x357/0x430 [ 397.664068] ? process_one_work+0x1760/0x1760 [ 397.668546] ? kthread_delayed_work_timer_fn+0x290/0x290 [ 397.674217] ret_from_fork+0x3a/0x50 [ 397.680325] Kernel Offset: disabled [ 397.684291] Rebooting in 86400 seconds..