(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x78, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x24}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @NFCTH_STATUS={0x8}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:11:59 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x2a82, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x8080) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f0000000240)) 14:11:59 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 414.490513] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 414.498114] EntryControls=0000d1ff ExitControls=002fefff [ 414.504245] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 414.511702] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 414.518393] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 414.526872] reason=80000021 qualification=0000000000000000 [ 414.533878] IDTVectoring: info=00000000 errcode=00000000 [ 414.539429] TSC Offset = 0xffffff1ee810ede8 [ 414.560175] EPT pointer = 0x0000000091afa01e 14:11:59 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f00000000c0)={0x0, @reserved}) sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r5) fchown(r0, r5, 0xffffffffffffffff) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r7, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000), 0x13f, 0x3}}, 0x20) ioctl$KVM_RUN(r6, 0xae80, 0x0) 14:11:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 414.581419] Virtual processor ID = 0x0001 [ 414.779362] *** Guest State *** [ 414.782817] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 414.792503] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 414.801715] CR3 = 0x00000000fffbc000 [ 414.805645] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 414.811907] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 414.818014] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 414.824870] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 414.834066] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 414.842318] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 414.850325] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 414.867064] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:00 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200)=[&(0x7f00000000c0)='/dev/kvm\x00', &(0x7f0000000100)='\x00', &(0x7f0000000140)='\x00', &(0x7f0000000180)='/dev/kvm\x00', &(0x7f00000001c0)='/dev/kvm\x00'], &(0x7f0000000380)=[&(0x7f0000000240)='/{)%]/trusted$#trusted)(-\x00', &(0x7f0000000280)='/dev/kvm\x00']) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:00 executing program 3: syz_open_dev$midi(&(0x7f00000002c0)='/dev/midi#\x00', 0x200, 0x220840) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) r1 = openat$snapshot(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x0) ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000340)=0x8) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x1800, 0x9}, r3, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2bfa, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000200)={r4, r5+10000000}, 0x0) io_submit(0x0, 0x2, &(0x7f00000005c0)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x3, 0x57, r0, &(0x7f0000000280)="ce14764cd6f35332ace78abed70b8da242ead65e43f2c85df948eebd3e2f93c964195e2a5d741217958b0592ee30ce6df985fe9aa5d4a3b58126c2e88c0a73", 0x3f, 0x0, 0x0, 0x1, r2}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3, 0x7ff, r0, &(0x7f0000000480)="decacbb2e64efade593b15eef2a809bddbfe87ad2739e01d9abcecfda0acaed4804f23820760c5392c23d3d804e1e52a5bb2b0714064a6da91a69473e7f67e6b02be620862429df2525c35b9e8c8451401bccc24e10008fc691b64a4069a748ea3b610d4891f577cd16aef982fdf455db140407e2820ac752af42c5bc8bcf72d0a06afda3d6066142c3784b6c389c245946e9dbe12119bd47d3da5ce3cefa7106981eba2f40b16f6b6037322299a2b654941e556e930c90dad6a5f8cf756a198d94cc54e6e17cf88be2d096345f683e7db57e159d9d56a8d407a71161eb535f6c05f534b8ebc1025c128f92ae388be6ca28e73570c60fb6f4b87ff5a385144", 0xff, 0x9, 0x0, 0x1}]) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$nfc_llcp(r6, &(0x7f00000003c0)={0x27, 0x1, 0x2, 0x3, 0xd0, 0x3f, "85f8741eb6e31a41c9d5d0074b943313e09798b8f538dc8f8d96358150c2a407847fb7840c337866cce12210e44c6684d7af604b114676b8814a7c9ec8976b", 0x10}, 0x60) 14:12:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x70, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x24}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 414.877920] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 414.887413] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 414.896478] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 14:12:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x34, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x34, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 415.114043] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 415.149306] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 415.172436] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 415.179439] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 415.187927] Interruptibility = 00000000 ActivityState = 00000000 [ 415.210191] *** Host State *** [ 415.217565] RIP = 0xffffffff8117dacf RSP = 0xffff88809ec179b0 [ 415.225779] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 415.232423] FSBase=00007f8986644700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 415.240319] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 415.247089] CR0=0000000080050033 CR3=0000000087238000 CR4=00000000001426f0 [ 415.254592] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 415.264814] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 415.272560] *** Control State *** [ 415.276214] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 415.285778] EntryControls=0000d1ff ExitControls=002fefff [ 415.292889] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 415.299825] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 415.307581] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 415.315072] reason=80000021 qualification=0000000000000000 [ 415.321873] IDTVectoring: info=00000000 errcode=00000000 [ 415.327548] TSC Offset = 0xffffff1e9ad8f397 [ 415.333734] EPT pointer = 0x000000009531f01e [ 415.338405] Virtual processor ID = 0x0002 14:12:00 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x2a82, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x8080) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f0000000240)) 14:12:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x34, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:00 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) accept$alg(0xffffffffffffffff, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) ptrace$pokeuser(0x6, r4, 0x800, 0x5) ioctl$SNDRV_PCM_IOCTL_STATUS32(r3, 0x806c4120, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000000), &(0x7f00000000c0)=0x4) 14:12:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x50e, 0xac206, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xf9}, 0x0, 0x0, 0xffffffffffffffff, 0x9) r0 = getpid() r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f00000002c0)={0x0, 0xfffffe75, &(0x7f0000000140)={&(0x7f0000000300)={0xfffffedb, 0x3, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1fe}]}, 0x48}, 0x1, 0x0, 0x0, 0x4800}, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) setpriority(0x0, r2, 0x1) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 415.500443] *** Guest State *** [ 415.522286] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 415.537165] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 415.551358] CR3 = 0x00000000fffbc000 [ 415.555204] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 415.563461] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 415.570370] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 415.578455] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 415.587497] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.598750] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.607788] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.617639] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.626625] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.627190] *** Guest State *** [ 415.635902] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 415.642631] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 415.647341] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 415.657644] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 415.664065] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 415.672356] CR3 = 0x00000000fffbc000 [ 415.684148] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 415.685132] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 415.690273] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 415.701213] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 415.705855] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 415.710724] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 415.718493] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 415.730635] Interruptibility = 00000000 ActivityState = 00000000 [ 415.733993] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.739502] *** Host State *** [ 415.748346] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.756761] RIP = 0xffffffff8117dacf RSP = 0xffff8880584ff9b0 [ 415.760352] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.769779] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 415.773692] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.779452] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 415.788897] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 415.798957] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 415.804413] GDTR: limit=0x0000ffff, base=0x0000000000000000 14:12:01 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x20000200, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 14:12:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x68, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x34, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x24}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @broadcast}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 415.810906] CR0=0000000080050033 CR3=00000000a822f000 CR4=00000000001426e0 [ 415.818352] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 415.833302] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 415.836807] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 415.852774] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 415.867845] *** Control State *** 14:12:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x54, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x20, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x24}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) [ 415.875695] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 415.884776] EntryControls=0000d1ff ExitControls=002fefff [ 415.890428] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 415.896368] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 415.908320] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 415.928035] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 415.937346] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 415.949842] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 415.964487] Interruptibility = 00000000 ActivityState = 00000000 [ 415.971037] reason=80000021 qualification=0000000000000000 14:12:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x4c, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x24}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) [ 415.977397] *** Host State *** [ 415.985666] RIP = 0xffffffff8117dacf RSP = 0xffff88804ff0f9b0 [ 415.996823] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 415.997818] IDTVectoring: info=00000000 errcode=00000000 14:12:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 416.029520] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 416.038826] TSC Offset = 0xffffff1e30be54f4 [ 416.043833] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 416.045753] EPT pointer = 0x00000000a112001e [ 416.069878] CR0=0000000080050033 CR3=000000009aeca000 CR4=00000000001426f0 [ 416.077194] Virtual processor ID = 0x0002 [ 416.081040] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 416.092512] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 416.098920] *** Control State *** [ 416.104365] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 416.112173] EntryControls=0000d1ff ExitControls=002fefff [ 416.124748] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 416.135490] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.143343] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.150164] reason=80000021 qualification=0000000000000000 [ 416.157732] IDTVectoring: info=00000000 errcode=00000000 [ 416.163932] TSC Offset = 0xffffff1e22de0043 [ 416.168512] EPT pointer = 0x000000009738301e [ 416.174736] Virtual processor ID = 0x0001 [ 416.197973] *** Guest State *** [ 416.201542] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 416.211478] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 416.220469] CR3 = 0x00000000fffbc000 [ 416.225647] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 416.232150] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 416.238152] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 416.245807] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 416.254301] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.262998] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.270985] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.286074] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.296751] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.305708] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 416.314388] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 416.324272] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 416.333042] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 416.341713] EFER = 0x0000000000000000 PAT = 0x0007040600070406 14:12:01 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x2a82, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x8080) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f0000000240)) 14:12:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:01 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x401}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_GET_NO_NEW_PRIVS(0x27) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) getsockopt$EBT_SO_GET_ENTRIES(r3, 0x0, 0x81, &(0x7f0000000380)={'filter\x00', 0x0, 0x3, 0xdb, [], 0xa, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000180)=""/219}, &(0x7f0000000000)=0x78) [ 416.348134] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 416.356674] Interruptibility = 00000000 ActivityState = 00000000 [ 416.363608] *** Host State *** [ 416.366811] RIP = 0xffffffff8117dacf RSP = 0xffff88804ff0f9b0 [ 416.373537] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 416.391978] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 416.404116] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 416.439337] CR0=0000000080050033 CR3=000000009aeca000 CR4=00000000001426f0 [ 416.449227] *** Guest State *** [ 416.463241] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 416.471238] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 416.478787] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 416.485898] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 416.487499] *** Control State *** [ 416.499142] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 416.505279] CR3 = 0x00000000fffbc000 [ 416.510146] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 416.517349] EntryControls=0000d1ff ExitControls=002fefff [ 416.522937] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 416.522949] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 416.534411] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 416.539614] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 416.548890] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.553077] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.558502] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.569624] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.573554] reason=80000021 qualification=0000000000000000 [ 416.580574] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.588421] IDTVectoring: info=00000000 errcode=00000000 [ 416.598776] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.601035] TSC Offset = 0xffffff1dd0dddd89 [ 416.609164] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 416.622149] EPT pointer = 0x000000009f37c01e 14:12:01 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 416.633381] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 416.634594] Virtual processor ID = 0x0001 [ 416.641894] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 416.660617] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 416.678572] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 14:12:01 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2fe00000000007}, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x10d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r5, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x402000, 0x0) accept$ax25(r6, &(0x7f00000000c0)={{0x3, @netrom}, [@remote, @rose, @null, @null, @bcast, @default, @netrom, @rose]}, &(0x7f0000000140)=0x48) 14:12:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:01 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000100), &(0x7f0000000280)=[0x0, 0x0, 0x0], 0x0, 0x7}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) 14:12:01 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 416.690834] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 416.720460] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 416.733947] Interruptibility = 00000000 ActivityState = 00000000 14:12:02 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:02 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 416.741775] *** Host State *** [ 416.745240] RIP = 0xffffffff8117dacf RSP = 0xffff88809ec179b0 [ 416.754929] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 416.765134] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 416.786448] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 416.797841] CR0=0000000080050033 CR3=000000009e297000 CR4=00000000001426e0 14:12:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 416.849314] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 416.874965] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 416.885308] *** Control State *** [ 416.890044] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 416.908093] EntryControls=0000d1ff ExitControls=002fefff [ 416.915190] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 416.923707] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.930845] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.938774] reason=80000021 qualification=0000000000000000 [ 416.946031] IDTVectoring: info=00000000 errcode=00000000 [ 416.953543] TSC Offset = 0xffffff1daf9cfd44 [ 416.958029] EPT pointer = 0x00000000965dc01e [ 416.966533] Virtual processor ID = 0x0002 14:12:02 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x2a82, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x8080) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, 0x0) 14:12:02 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x4c, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:02 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = dup(r0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000001c0)={0x8001, {{0x2, 0x4e20, @multicast1}}}, 0x88) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) lsetxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000100)=@ng={0x4, 0xd, "f93213df69a612"}, 0x9, 0x1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) openat$mice(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/mice\x00', 0x30001) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00') pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = accept4$packet(r4, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000380)=0x14, 0x80000) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) dup2(r5, r6) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) 14:12:02 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x40, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:02 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x40, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:02 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000100)={0x0, r0+30000000}, 0x0) 14:12:02 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x50b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000003c0), 0x4}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$SNDRV_PCM_IOCTL_READI_FRAMES(0xffffffffffffffff, 0x80184151, &(0x7f0000000140)={0x0, &(0x7f00000000c0)="28fcfbc61f413c6562636e90deb29f84970327bc80c599b3850c6b0c046e6ca5ba09979f780f6ae4445af4f154c701cbab2ad90e1847a7811f0305858e54c594d5e84a32e720c50f5feb1c28a11f79d7ff555304d47ed13ecea3f9310e822108d5bcd78aae1b00b6bc3a5fe5bf54203a1ef212", 0x73}) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="480000000301ad19cbaea3dde4c83b3e4d13030000000000000000000000000001800800010000000000080002007f0000010c000280050001000000000006000340000000000000005af41123bb4117f502ff59a00caa6783b1b10b956df365b890ddbb2d224134698eb52a69715380b6f337cc19c478d7c433b8fe4b0a6d81aa8117d3e00dd5e780e403a2240ca198fd06044d7edf36c7d4cc2a00fc28d3670ef14e7e7ffd5af72cd85295d8dc79eefd4ed114a4a3920307d35b2c78ac4007a13d98763e119d02406fe9e53a0b70f0aedb83096d92d9eb1f9b06bf90970ac663391cc78dc794534644a90cc6ede0a374601b17028105feaed1464a7818915163e2a582233a65868783bb921a4470ac951d33302080eade2aded55ddba97a6a92fbd71a079c734325ef0afd8100d4a7510e6756f95da86073bfb5ab53066ec8956c06de287779919a9820b2e1bf1541802614dd4ee320ebbbeef53e3d0b"], 0x48}}, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000000)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TCSETSF2(r6, 0x402c542d, &(0x7f0000000240)={0x2, 0x4, 0x6, 0x5, 0x0, "a07645eaf04efe0db06adf44c7c06fff15291b", 0xa11, 0x4}) r7 = openat$cgroup_ro(r5, &(0x7f0000000180)='rdma.current\x00', 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r7, 0x80284504, &(0x7f00000001c0)=""/53) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:02 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x40, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_STATUS={0x8}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) 14:12:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:02 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x44, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xffff}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) [ 417.654959] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.4'. [ 417.844689] *** Guest State *** [ 417.848109] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 417.858070] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 417.867410] CR3 = 0x00000000fffbc000 [ 417.872088] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 417.878069] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 417.884953] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 417.892966] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 417.900965] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 417.909710] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 417.918276] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 417.926690] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 417.935251] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 417.943955] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 417.952632] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 417.960611] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 417.969389] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 417.977825] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 417.984822] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 417.994985] Interruptibility = 00000000 ActivityState = 00000000 [ 418.002200] *** Host State *** [ 418.005395] RIP = 0xffffffff8117dacf RSP = 0xffff8880554c79b0 [ 418.012347] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 418.018760] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 418.027327] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 418.033899] CR0=0000000080050033 CR3=0000000089ddc000 CR4=00000000001426f0 14:12:03 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x2a82, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x8080) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, 0x0) 14:12:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:03 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20000040) [ 418.040923] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 418.048583] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 418.056051] *** Control State *** [ 418.059518] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 418.084347] EntryControls=0000d1ff ExitControls=002fefff 14:12:03 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x38}}, 0x20000040) [ 418.090176] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 418.111027] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 418.131224] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:03 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x38}}, 0x0) [ 418.163985] reason=80000021 qualification=0000000000000000 [ 418.192971] IDTVectoring: info=00000000 errcode=00000000 [ 418.209016] TSC Offset = 0xffffff1cfd3b124a [ 418.236950] EPT pointer = 0x0000000099c4a01e 14:12:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 418.270528] Virtual processor ID = 0x0001 14:12:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000100)={0x80003}) ioctl$KVM_SMI(r2, 0xaeb7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 418.461099] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.4'. 14:12:03 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbc2e, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setparam(r4, &(0x7f0000000000)=0x9) 14:12:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:03 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000440)='/dev/fb0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') clock_adjtime(0x7, &(0x7f0000000280)={0x9, 0x0, 0xffffffffffffff45, 0x5a7, 0x100000001, 0x9, 0x5, 0x100, 0x401, 0x4, 0xd872, 0x9, 0x5, 0x3, 0x6, 0x9, 0x100, 0x9, 0xc3b4, 0x0, 0x1f, 0x9, 0x9, 0x2, 0x1df5, 0x6}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f00000003c0)=0x1) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)=0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, 0xffffffffffffffff, &(0x7f0000000380)={r4, 0xffffffffffffffff, 0x8}) socket$unix(0x1, 0x2, 0x0) 14:12:03 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup(r1) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0x0, 0x2) sendmsg$DEVLINK_CMD_GET(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x30, r3, 0x1, 0x0, 0x0, {}, [@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}]}, 0x30}}, 0x0) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000427bd70007cdbdf25040000000e0001006e65746465a9ee933fe48833f60002006e657464657673696d3000000800030003000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) getpid() r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 14:12:04 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x2a82, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x8080) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, 0x0) 14:12:04 executing program 0: clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() pipe(&(0x7f0000000300)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) splice(r1, 0x0, r2, 0x0, 0x30009, 0x0) ptrace(0x10, r0) ptrace$getregset(0x4205, r0, 0x0, 0x0) 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 418.855503] *** Guest State *** [ 418.893043] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 418.924679] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 418.934455] CR3 = 0x00000000fffbc000 [ 418.940988] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 418.956548] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 418.962752] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 418.969740] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 418.978236] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 418.986653] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 418.995281] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 419.007416] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 419.015897] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 419.027949] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 419.036407] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 419.045387] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 419.054123] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 419.062602] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 419.069883] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 419.091711] Interruptibility = 00000000 ActivityState = 00000000 [ 419.105958] *** Host State *** [ 419.109490] RIP = 0xffffffff8117dacf RSP = 0xffff88804fb979b0 [ 419.115947] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 419.122825] FSBase=00007f2c0b28e700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 419.147297] *** Guest State *** [ 419.150679] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 419.150995] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 419.166559] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 419.178684] CR3 = 0x00000000fffbc000 [ 419.181388] CR0=0000000080050033 CR3=00000000a8418000 CR4=00000000001426f0 [ 419.188233] RSP = 0x0000000000000000 RIP = 0x0000000000000000 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 419.192513] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 419.208919] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 419.218046] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 419.227173] *** Control State *** [ 419.230833] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 419.238035] EntryControls=0000d1ff ExitControls=002fefff [ 419.254698] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 419.256651] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 419.265303] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 419.283097] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 419.292818] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 419.310179] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 419.315886] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 419.321941] reason=80000021 qualification=0000000000000000 [ 419.343397] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 419.345893] IDTVectoring: info=00000000 errcode=00000000 [ 419.355922] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 419.363143] TSC Offset = 0xffffff1c667645a1 [ 419.371897] EPT pointer = 0x00000000a7c3501e [ 419.376523] Virtual processor ID = 0x0001 [ 419.399935] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 419.418293] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 419.436042] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 419.445819] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 419.469728] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 419.493878] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 419.513942] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 419.521778] Interruptibility = 00000000 ActivityState = 00000000 [ 419.528224] *** Host State *** [ 419.536001] RIP = 0xffffffff8117dacf RSP = 0xffff8880569779b0 [ 419.546429] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 419.553492] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 419.562392] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 419.572505] CR0=0000000080050033 CR3=000000009eed5000 CR4=00000000001426e0 [ 419.580265] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 419.587525] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 419.594170] *** Control State *** [ 419.597681] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 419.605492] EntryControls=0000d1ff ExitControls=002fefff [ 419.611110] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 14:12:04 executing program 4: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0xba, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ptrace$setregset(0x4205, r0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)="4e64af1c661b1fbfb33662a4019d512ad656aa4cfb08b2dd3f89bfc2656e06ce944933211831ab914892cbdac5ecd664435c2f22624d6efcf5ab6f3e36ef078a969383795527d9f0acdeba58bea796b46e50218c2a", 0x55}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:04 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x104981}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:04 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) ioctl$FICLONERANGE(r3, 0x4020940d, &(0x7f0000000100)={{r1}, 0x7, 0xfff, 0x30000000000000}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) [ 419.618707] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 419.625812] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 419.632532] reason=80000021 qualification=0000000000000000 [ 419.638979] IDTVectoring: info=00000000 errcode=00000000 [ 419.644511] TSC Offset = 0xffffff1c3d8b885f [ 419.648836] EPT pointer = 0x00000000a4f4701e [ 419.661097] Virtual processor ID = 0x0003 14:12:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:05 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:05 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1276, 0x0) 14:12:05 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x40, 0x0) getsockopt$netrom_NETROM_IDLE(r3, 0x103, 0x7, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:05 executing program 1: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f00000004c0), 0x4) 14:12:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 419.875663] *** Guest State *** [ 419.878982] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 419.889812] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 419.939707] CR3 = 0x00000000fffbc000 [ 419.957215] *** Guest State *** [ 419.960685] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 419.976651] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 14:12:05 executing program 1: sched_setattr(0x0, 0x0, 0x0) r0 = open(0x0, 0x151042, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000080)) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x44042, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000540)={0x100000001, 0x3ff, 0x0, 0x0, 0x1, [{0xffffffff, 0x0, 0x4, [], 0x406}]}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, &(0x7f0000000280)) sendmsg$nfc_llcp(r2, &(0x7f0000000500)={&(0x7f00000000c0)={0x27, 0x1, 0x2, 0x4, 0x9, 0x0, "aff38f466ec3224ce649d47cd98b49b43774527d2f786fa407b18ec8a51353bbc7e1a6688593c6b78bf55ff70032cb3eef2fd72e72151f5387a70caf85a3e7", 0x6}, 0x60, 0x0, 0x0, &(0x7f0000000240)={0x20, 0x109, 0x7, "1f49063bf0809733c367accc2148"}, 0x20}, 0x4000080) mount$9p_tcp(&(0x7f0000000000)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) ftruncate(r2, 0x2008002) sendfile(r1, r2, 0x0, 0x200fff) [ 419.988914] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 420.002628] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 420.009806] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 420.016907] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 14:12:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 420.035486] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.055977] CR3 = 0x00000000fffbc000 [ 420.073324] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 420.090891] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 420.099766] audit: type=1800 audit(1588169525.340:29): pid=27009 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=16225 res=0 [ 420.107936] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 420.124664] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.144035] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.177320] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.188167] audit: type=1800 audit(1588169525.410:30): pid=27009 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=16225 res=0 [ 420.194665] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.217559] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 420.223279] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 420.235189] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 420.238779] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.251328] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 420.267199] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 420.276423] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 420.283971] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 420.292268] Interruptibility = 00000000 ActivityState = 00000000 [ 420.297857] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.298657] *** Host State *** [ 420.312104] RIP = 0xffffffff8117dacf RSP = 0xffff88804e16f9b0 [ 420.318467] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 420.326651] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 420.335312] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 420.342280] CR0=0000000080050033 CR3=00000000a8773000 CR4=00000000001426f0 [ 420.349583] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 420.358194] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 420.365390] *** Control State *** [ 420.368327] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.368979] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 420.385405] EntryControls=0000d1ff ExitControls=002fefff [ 420.389954] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.392072] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 420.406582] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 420.414211] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 420.415981] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.420966] reason=80000021 qualification=0000000000000000 [ 420.430872] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 420.436221] IDTVectoring: info=00000000 errcode=00000000 [ 420.450431] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 420.451717] TSC Offset = 0xffffff1bec2cfbe4 [ 420.458812] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 420.464632] EPT pointer = 0x000000009661701e [ 420.475258] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 420.477039] Virtual processor ID = 0x0001 [ 420.484713] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 420.503671] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 420.523745] Interruptibility = 00000000 ActivityState = 00000000 [ 420.530059] *** Host State *** [ 420.535591] RIP = 0xffffffff8117dacf RSP = 0xffff8880a60ff9b0 [ 420.544919] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 420.553008] *** Guest State *** [ 420.553631] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 420.556333] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 420.556347] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 420.568223] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 420.586433] CR3 = 0x00000000fffbc000 [ 420.593789] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 420.598009] CR0=0000000080050033 CR3=000000009eed5000 CR4=00000000001426e0 [ 420.599904] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 420.608767] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 420.613002] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 420.624957] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 420.627112] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 420.633700] *** Control State *** [ 420.641104] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.645204] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 420.655729] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.659806] EntryControls=0000d1ff ExitControls=002fefff [ 420.666881] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.673547] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 420.686275] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.689337] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 420.696239] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 420.703983] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 420.718456] reason=80000021 qualification=0000000000000000 [ 420.721646] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 420.725859] IDTVectoring: info=00000000 errcode=00000000 [ 420.739018] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 420.739146] TSC Offset = 0xffffff1bcdc418a2 [ 420.748358] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 420.754835] EPT pointer = 0x00000000a08cc01e [ 420.764369] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 420.766204] Virtual processor ID = 0x0002 [ 420.776686] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 420.787807] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 420.803182] Interruptibility = 00000000 ActivityState = 00000000 [ 420.809444] *** Host State *** [ 420.815153] RIP = 0xffffffff8117dacf RSP = 0xffff88804e16f9b0 [ 420.823154] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 420.829846] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 420.839148] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 420.845681] CR0=0000000080050033 CR3=00000000a8773000 CR4=00000000001426f0 [ 420.853800] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 420.860480] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 420.866826] *** Control State *** [ 420.870277] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 420.877539] EntryControls=0000d1ff ExitControls=002fefff [ 420.883440] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 420.890358] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 420.897103] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:06 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x9) 14:12:06 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:06 executing program 1: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) fsetxattr$trusted_overlay_redirect(r1, 0x0, &(0x7f0000000280)='./file0/file0\x00', 0xe, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) connect$bt_l2cap(r0, &(0x7f0000000340)={0x1f, 0x1, @none, 0xe0}, 0xe) r2 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90", 0x3f) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:06 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:06 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x2, 0xac) ioctl$KVM_S390_INTERRUPT_CPU(r0, 0x4010ae94, &(0x7f0000000280)={0x3ff, 0x401, 0x40}) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 14:12:06 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x785000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 420.903844] reason=80000021 qualification=0000000000000000 [ 420.910249] IDTVectoring: info=00000000 errcode=00000000 [ 420.916032] TSC Offset = 0xffffff1b81ad8612 [ 420.920360] EPT pointer = 0x000000009661701e [ 420.924855] Virtual processor ID = 0x0001 14:12:06 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:06 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:06 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) getpeername$netlink(r0, &(0x7f0000000000), &(0x7f00000000c0)=0xc) getpid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) openat$cgroup_ro(r2, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-control\x00', 0x101100, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0xc, 0x0, &(0x7f0000000180)=[@dead_binder_done], 0x9c, 0x0, &(0x7f0000000380)="5dc3ef75a2f1a16d2e3cb158470a6d9fd7dcd90f972166f803bb70a690f9c1825d4600fe8f991f8f77a0b6636577750eae881d59d1fa05de34ce2aae0cc54a2ce3844254584e508e5f7285ddbb35da3bcc77b51e37662b860fffabe6062e283c8d9239c138fd0318cef36480622388031e5aa1ef186ef4908b0340a766e3681bdcc68762b8e8899284ec209d02b0e1e1a4b2e6ccdf454aff15be7fce"}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x100000000000000, 0x0, 0x8, 0x0, 0x400, 0x1, 0x0, 0x800, 0x4, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20800}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:06 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip_vti0\x00', 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @rand_addr=0x7fffffff}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000030, 0x0) 14:12:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:06 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 421.266917] *** Guest State *** [ 421.276796] *** Guest State *** [ 421.280164] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 421.299910] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 421.300331] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 421.323034] CR3 = 0x00000000fffbc000 [ 421.334239] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 421.353181] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 421.359436] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 421.367401] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 421.376688] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.385929] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.386267] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 421.415455] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.424825] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.451339] CR3 = 0x00000000fffbc000 [ 421.455088] RSP = 0x0000000000000001 RIP = 0x0000000000000000 [ 421.468161] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.491056] RFLAGS=0x00020802 DR7 = 0x0000000000000400 [ 421.502516] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 421.510568] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 421.521523] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 421.529536] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 421.530729] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 421.537804] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 421.537813] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 421.537821] Interruptibility = 00000000 ActivityState = 00000000 [ 421.537824] *** Host State *** [ 421.537833] RIP = 0xffffffff8117dacf RSP = 0xffff8880578179b0 [ 421.567508] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 421.568659] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 421.586086] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.588738] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 421.588747] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 421.588759] CR0=0000000080050033 CR3=00000000907d8000 CR4=00000000001426e0 [ 421.588773] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 421.616063] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.618098] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 421.639020] *** Control State *** [ 421.641933] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.642672] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 421.657372] EntryControls=0000d1ff ExitControls=002fefff [ 421.663048] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 421.665178] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.670126] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 421.690654] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 421.697967] reason=80000021 qualification=0000000000000000 [ 421.699158] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 421.704517] IDTVectoring: info=00000000 errcode=00000000 [ 421.718034] TSC Offset = 0xffffff1b1e35b33b [ 421.722542] EPT pointer = 0x00000000978a801e [ 421.727074] Virtual processor ID = 0x0001 [ 421.731664] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 421.740862] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 421.749201] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 421.757474] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 421.765741] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 421.772340] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 421.779907] Interruptibility = 00000000 ActivityState = 00000000 [ 421.786330] *** Host State *** [ 421.789606] RIP = 0xffffffff8117dacf RSP = 0xffff888055b279b0 [ 421.795764] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 421.802359] FSBase=00007f2c0b28e700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 421.821658] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 421.834372] CR0=0000000080050033 CR3=00000000a4ee1000 CR4=00000000001426f0 [ 421.849283] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 421.863827] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 421.875490] *** Control State *** [ 421.883484] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 421.896875] EntryControls=0000d1ff ExitControls=002fefff [ 421.909168] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 421.922895] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 421.938997] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 421.961039] reason=80000021 qualification=0000000000000000 [ 421.967421] IDTVectoring: info=00000000 errcode=00000000 [ 421.981061] TSC Offset = 0xffffff1b1ae96415 [ 421.985409] EPT pointer = 0x000000008750e01e [ 421.989821] Virtual processor ID = 0x0002 14:12:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x4}, 0x4010, 0x0, 0x10000000, 0x0, 0xa8fa, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:07 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:07 executing program 1: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socket$inet6(0xa, 0x2, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sysvipc/shm\x00', 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000300)) socket$vsock_stream(0x28, 0x1, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 14:12:07 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x3], 0x0, 0x20000}) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0xa000, 0x2000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:07 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:07 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:07 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'L-', 0x5}, 0x16, 0x1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffff000], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:08 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 422.786759] *** Guest State *** [ 422.800426] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 422.820184] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) [ 422.887514] CR3 = 0x00000000fffbc000 [ 422.900546] RSP = 0xfffffffffffffff9 RIP = 0x0000000000000000 [ 422.907734] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 422.921092] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 422.931260] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 422.948070] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 422.956319] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 422.990678] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.004725] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.016073] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.027409] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 423.040458] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 423.051607] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 423.060353] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 423.073079] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 423.084330] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 423.094716] Interruptibility = 00000000 ActivityState = 00000000 [ 423.103930] *** Host State *** [ 423.107356] RIP = 0xffffffff8117dacf RSP = 0xffff88804d3079b0 [ 423.117488] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 423.126341] FSBase=00007f2c0b2af700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 423.139246] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 423.147615] CR0=0000000080050033 CR3=000000008e442000 CR4=00000000001426f0 [ 423.160779] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 423.170006] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 423.179826] *** Control State *** [ 423.185697] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 423.195988] EntryControls=0000d1ff ExitControls=002fefff [ 423.203910] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 423.214548] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 423.224169] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 423.231780] reason=80000021 qualification=0000000000000000 [ 423.238367] IDTVectoring: info=00000000 errcode=00000000 [ 423.245440] TSC Offset = 0xffffff1a49d7691a [ 423.249986] EPT pointer = 0x0000000094b7701e [ 423.255720] Virtual processor ID = 0x0002 [ 423.285587] *** Guest State *** [ 423.299159] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 423.345466] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 423.363930] CR3 = 0x00000000fffbc000 [ 423.368060] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 423.384968] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 423.397633] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 423.421085] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 423.429397] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.444215] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.459934] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.489140] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.507455] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 423.526482] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 423.544027] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 423.561769] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 423.578942] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 423.596130] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 423.609525] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 423.625343] Interruptibility = 00000000 ActivityState = 00000000 [ 423.639938] *** Host State *** [ 423.643679] RIP = 0xffffffff8117dacf RSP = 0xffff888056bcf9b0 [ 423.649938] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 423.657036] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 423.665628] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 423.672017] CR0=0000000080050033 CR3=00000000907d8000 CR4=00000000001426f0 [ 423.679256] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 423.686712] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 423.693380] *** Control State *** [ 423.697061] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 423.704481] EntryControls=0000d1ff ExitControls=002fefff [ 423.723768] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 423.744103] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 423.775900] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 423.783655] reason=80000021 qualification=0000000000000000 [ 423.790083] IDTVectoring: info=00000000 errcode=00000000 [ 423.804621] TSC Offset = 0xffffff1a4fdb5a55 [ 423.809310] EPT pointer = 0x000000009e8a501e [ 423.814823] Virtual processor ID = 0x0001 14:12:09 executing program 4: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000000)={0x3, 0x0, [0xfbc, 0xdb, 0x4, 0x7fff, 0x65, 0x0, 0x32, 0x1]}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff000000000000000000000000010000000200000006"]) 14:12:09 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:09 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) accept4$unix(r3, &(0x7f00000000c0)=@abs, &(0x7f0000000000)=0x6e, 0x800) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000380)={0x3ff, 0x4, 0x3, {0xc, @win={{0x6d21, 0x6, 0x2, 0x7f}, 0x4, 0x40, &(0x7f00000001c0)={{0x1, 0x4, 0xf9db, 0xb0}, &(0x7f0000000180)={{0x7, 0xabf, 0x5, 0x5}, &(0x7f0000000140)={{0x8, 0x7f, 0x80000001, 0x4}}}}, 0x101, &(0x7f0000000240)="d4f3766157d77fddbef75ad711a4c429f737ad50f62ab3f592bf0159bd388c4a513df74119bbeac9b08912cf8347ed"}}, 0x8}) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000600)={{{@in=@initdev, @in=@broadcast}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in6=@private0}}, &(0x7f00000005c0)=0xe8) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000480)=0xfd, 0x4) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000700)={0x8, {"f5468eb9e08786a279f7485558d700927577fd39d0febfe10f07425cb432c91a388bf3593b4363b18cc528f957bc41762253fa9d18b00af8fe0315faf636ac37cb0345c7cdecd8f7ec94eb5b84d52eabbe06378855feabda250b3502680883453fae4b0fb2b97e1aaecdcba158deb51f90276a512c05c1014718bc664d1ba7c7661fc7039e192dd7d469d3d9349ff47867a512573089646a66b4710aee50f059e921d010d3a18b0cddb0d9790e560e4bc4443930b6e53c1c664c0675de10f04ea39ef1d9584f681458f60878f5913975d75b88968a382f890e007fac7f4025b449254c74ac8748912ddfcc35b307324fb3bd9b0996d02664e092d98060ab7ab4749b0d88326483a38e35e07c7d29b0d19d094e25a0a0f1288eed17ce7cefa07dda83ad815fbd9879d16014628acea5736f4db6d700d6b00dc9e739cf22a641c1b38eea43c8be8194fdadca8cd057269d75dd04e305d935ab9d8c5f009f626b6136a65d721b397355914b2dc114d30eefdce819147f94deb52988d0d9d0996399301aa3e9a375e7527d0326a0671e6f176966a6b4c380c2c3657455f309f5d52c7d07b2e27d608ccadde2a6c948b57b29cf298e03402b954b1aac8575fdbe86b2967b8cb12c2b6923f32c5ab9b35c4b1fb215d9e12959bad229cbb0de31fc5f7084642d21180270ca2a0ee2f1805f770adfa652ae5d27c137b5b5017e3df16be6643edf3078d503884f8f70bc0ca945a896e04e1386bd702d14e00861683d8cdb71203dba23f174832de14135232d2d67efd82d8575d6fe36d614b4fecd2b25ae559c478436cc3f4c2d46b82462c954e0dfce7fc6f63d8c8ffc4f12bbf90e131be40497e56b8b7caea2e5e2b7d89ff4e1d934e02e71db1b835dd3a7e2f4deee477acf415557e2456b7a51822896121085ed2ab7bc9aae6de65692fd1dd714553b1baf2d74a19c78af5751cfd9c938a19333b48f07e1293ab1d513e40fd2ccfbbbd71b3940bcbe464319e54edd53b2de17d901ccb9b7ee2db13bb093a7d45b24b13e791877fb56318e3bfda4e47d2574c71697bc5daa7c6dd77f9b19d14171b8602bb0b62550e8349fe78e2f0fd54b3d302a9d6f9515b5f169d455054fccfcf8e84688b9a763eed2c9241c58fdf2a2b36436f9b7c7f2537b8284ad8dc07549e1778c3c4cd90dbd672c15a2496806ff7bd96cf0a5dd555d301fde07c719cfdd7dc97bec56b22b7ae01ac4dccb90e4aae0b124322a38855cb40a9cb9b45fa7791dcf6486b63feb0955ece3723632b099525d9531a7412c07ef0e52b321a5cfd7d4c314d76e7f7a1c426b94201ece74feb1cb191f92334ed647163cb7526f3b3499d7399027ab41557fcbfd03d4f9e2e1bbd8a4f12fb8d59a746fcceabf1f77b74c0e317deb702e9f40aab46251fbc544738d18e52edbf8be19970391f1aeda5352f2cec87a39bd36464bb925656187bc9b888abab3f651e5344e4b6c042ccd5bfdd3acb74f9bc17fd8e5962e0eb8ab171caafe2069e2011dc0fc94d4fb89fa511238c9641acfca631ea591679e0e20ec53c11ddeeaaa01cff41de11621875a72e5df174b211eb358e580ae4fc3d3c2158614a9ca00dc709ca8f5facd3d33cd718551d162ec4d2af9e0e1ecddefd88cd5e00ca8910c2b15ea3f2b009871035ed647a7f9dcb6dd0e6b531d550bd7846e23b7b392939e65bd07ac3fbaa7dc18dd871995cfb005febeca85e9fc1f6f2a0e3016720c1abf98865cd8dd9fa5e5c8d7d02936a7e547879a1a06efc14e125531873c3939e839851e9c85973db27f280f1b7f8e3c4559cf77716d71e8d36abae67be685a65ed05b63f8e81c5e9e34372e827872a4c3fb6fb597284d349a4a57deac72d7d57870068aee30149629d6e314cfc95b241798643833acfcf939b979af6f1929cf85c1c54b383b9d40aa39e07fd94d7f72d3043a92356edcab1126f6d397a30f7d86e137d3a5c2bad6b49e90d0bbfdcd9c637263cb4265cc1153cb2fd581d6bc4a882adfa0a57c658f7a9e64216e4c6d48f56b1ae97d1654ce4a007702daafb3979fba0b3a3f8b32251c24a761eced33a0e945cadf9e21711b8537c0c3bd393ec8f9e88b5b72d521a2b07e16a32cff7af9c359aba1db48bc4fd5d79662292ebe684e27738f8a2958a2e2f4e12c064b5111a868b4a261071ab85c80f327c1e698aecf79a8a6be87aa293a42a5ef80532016ce0911b0e2c4e61f33971718ea5a1c64d47bd00a2a07f437f4b9c10e2bbaa454c0e99fa5cb99e577e7249b27875de14053f2902352cbaf8eebe894cc0161e7f149bf7ffc9184f4c3a60cc09d1a62d83926ca551fc783ba48af3df452d16b4fc6cc22a2b6ac8a58e9e56c4aa8ed66fced064574808c3efaa00dddc681e8b99f206457f543be4b0dcc2e88bf517530694c339f6ceadd9af86befd15aeae8bac7ffb9bd6d6320bf3a82e9f0e7bce70097fea0c6b56688931c3e58b90531480e0aa1b54612843c54c2ff91890beb8438a70c06ee6f95e1074854c0d9366da9d1279b1e2c36dfe3a87e647a676205e4badee4af0e25bb4ea0c1c194755e7b4157b648b3ce37722ba883c9986551d605f3603ad666906d88bf648b05fc6fe842210202ac5b16ea1019c8434a4aeb494b64f38c8e45073b2b62d697f71034b7a6159a279a226a0290c4b482f8a5cf0fb3870845c2a52278e5ade392f8dd3a43158d069b349680ec4815b85492071ca0c5a940c837d2ad90e7c02081bfc8801a71488a13856b7ea72d8938335a878c359a118924e229a22d7e5b8cb8050e08989ff4a33d506e32a158b9460992e5a5f28df7374ee0f0901226da96ee2179c0a2bab49dfa700391f8cb54a56f0a888f8607055893cb94e6b801a1e33c9ef6aa7a38f1819c7721d8ecac36d5925537dc101d5d69c6552966756a16cd9b8822c94ff2175ac72a7aeec4ddbfbb47f954381bb57f20af313e29aa484c4b3447af097dd580ed239481086bb5450e3a639b5e99160089512a1feba01469bcab372b76f2959c769cf542e86942451a3318ea37f59e3ec36aa043c829893bedeec59e954f63d39dd74ed355053dcbcd16290ff6249e32f2da1605a0abf43d4cac0e5416475b69fe00b1d678782acc3708a55bef08775389dd06168ed173dc17231bee538e978103d2e4622634b1721f32c4c6ab22fa772dc908a58ef9251302f6478637765eddbe037182a63d9d7ec37b5b6b22ae08b7a2a33fe4841e36c6f4b24dd1097840a725bdebc0d7a5030e6d12c45d4820aaa23db43ce30bb686a4a1c564b022c4cae45c2284c38d8735a598b78b6fdfb0508915fa8de0e07657f9fe1401fe868129c021d5f644c366fe0a4cddbd539b8db67d8cf3120316ea73fd99ce139a09076a3e9ba77d60ffce4993cd37129a305bac748126aa1afd36090407aea87666784d54877738d8b6f3d10c04855417749a43c40e743ddf41dec4a157d21299f73846a1349e362df0b1c4bc8097f6f99e61ac4ff58c46b811a3da00642e18d912961d127a240070181e95275f10c8eafe0615a0c7c57706db0be294051710ff09c0b00113625f8992d60edd6795fd6327fd1f9ea5f6d61e138dfdbe008243dc8594f693ca280ebe8cb1a86ef94f39d906a38ac9cb07e78eee56008fc67320ccf6e8144de08e236e846470ccad33aa09a2b0bc01333c1215d5b361cb94b9314c119965ed8486fe1fd9accafd69099c90858e868253ec6addfcc407e247ead368cdd37f371a0315eaefc2204890ef06efaa2664d304f1d1e4d669e5162e5559dbea2373063baca098dfdbf6c54c0003e0911bf86d04b9b56282fe401c404c355d944a1a30e7a2f5464af623d3dcba6e70320d39cff25fbe22ce041b8168b8c26dec34fe22ebebcf2e2154e8f4347c1950cfb0d4e07c1b67c899a25a831625ae5d3a61dab3771699cd0b18d6afab2e260624a8f2a2dc2a67003486135b8976ea13ab82661e9f56cc4e963d5a35c6a5de32e4fde78071d03e9c8f008ec092153d8d689e258d9bb06a0dc2a0c81fc28b39cbeff1604216e833b167aa7772c3f5bae27f008d7b05a4bfb95273322546ef2553fa1a500890c46b823e0f72bfb0b7daa509c535ab403fad418200d375f40c481c887776bdec56e620a17667c20df49f29b4750bc0f588b45e6b0b0f7dcebac5388c3aad8900c98c800e36d5f4d94dff8961bbdc1943fbfd79c881098df9fd9fd0eb4bc7a623faa50c31bdf4bda2ef5577789c4bd5766fbfbdf11798e8b87a53f3c898a87f489606cc652b59f0a3dcf380c81d055c57b5f31dbc6bae5e096a3c23f87d25e827b5f5daabd0ba2e82bec81e3f6a492741135757b1f94394f28070897557d15caae50fdef1703ebe63de7ff0c8010f61a4714157bb2527edd05a003b947e3eec5313b64519a535cd37d28a438ca0f273a57672c6877587de08c058e1df9f9f3271dbc3d2474f3132a889ccabe7f0ad1b309f82f834e67e6c0eea90e149938e01b327cd9c9883909ae815d93e049dc5564b0fc46b84114315f6b8fd42d970773efd089d8a12cdd7a337ff06d7d2f227310ffee8652dd8333efd76de8518e83e3006add8fa3ed0645077cd656ca46b82e2aa38e595cf510685aca9dfff9ddd6f50c747549627d62ec63e12563d173c9ee42be82ee5a85bf1a5f0a6bd859cc18b0a160d17761cfd87efab3ec8d16d13ad0d8a1dfc40d1cfa496e8f02efa2b79393b86ff36255ccd7aab4db5ed5cbd7379bd4779143133da65723a7d2f4fa19de28b7d0c3adaf915a83d137fb83b9d6e32b502ece1c25eef55e0fc5dd8afec7f43cf9d0c76a64c9bd01154f2d4046446bd3e893d295910a185f7d886bcb1a8ce711eeb6f3c12f8c2a610814b77f97f6e202ab11e35903c60a2522622e1c92f64dfdc3e7fc02b16fb83060ab09b7d4366eb7ce3bcc1f0fd44f31e935d5300f123fab8f57b8127759f98e3f6d81ce74a4d947e6fb4ef5bfb1145595dbfeaeee41a286f389159860c361314794cd29374a89e65d97ba6bfa13654fc80034be377c4c59fadb8693d1b7d50cbf3ef301f4078dbce051386e0f7258a81ed4b0eb41c35b9d1082f292dfdc58c47863e67a796774eb0ab46bc273cf4b53325a0a8b6f466f2c2534d46795c8cca084f2efdf76da7fa3a407029f646a874b1a84fa2b1b8c3565a6bf7c68c93181dd79ec47b181935a784e3f464289f8f30c291c47b4a5b35a26824981c1bca4e5fe8d6587785b3b730168f2cc6f83820b0776b82870b77be5b743e68634e35712ed924b1666d6922d88452b04548a19dda8cc763927b1de2995c57a68e093f2e779ba75f083bf19e3e2b587873b50ef40ba6cd87b9657ad94f48a53c5087de8bac2d6e36fdef8baa70747efdfcde974f4b09cd768eab03ebe79b6d7706b98c79da8bfc87db1dd59ff6d59e961e96164fbc4d41d17448077ea8e27cde0ec4b15b76014f53b7b21f9f17640aedc5f87f044a39f0653d058506c715f7ffdce3fd6abbf4457cdec0f2934a1eab8132eed44d31bbaf0cb399b9f9b1104858e646f3ce9820ef70200fc466d0e1776737975c37af06c7cdbfa79153712d84191ac1f51a3a7d777e2139bdd5f2e9e138c94ff630c19a6605a718229543ae22c907c00ee05ec3f624bd247aaa745e601f2ac13e8a522b37fd6052edacf17591c95792e471ae2f7e9c67f6c1db21229a81009faac4264f226410b00962bc299a948b6c78b4058df2458038d49b040166dbcc8ce881ded2504fff2d546a86aff43f2912da1b5656ba69f4d112ef68ca58", 0x1000}}, 0x1006) 14:12:09 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x1300, 0x1) 14:12:09 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) 14:12:09 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 424.354000] overlayfs: filesystem on './file0' not supported as upperdir 14:12:09 executing program 1: write$cgroup_type(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) r1 = socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000003c0)=r0, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4ac106b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca037605000000b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94608c9a20819e02cc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb695cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6fca7844f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7ccde2480ae40d6156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba51aee6f48968981811f832d064048c0e0bbe46984f1f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8d0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc3492b96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f798c7f520078fee48f83b5989543729e36a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561d34e4e9851e81d4a355abf43d917c16a2bb0cfb284fcfde901576954ef59e4a658ca431be123b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb463c407f87dafd6199f9ddd1f62da58ca7d3297d6a1bfc5a9aa38a05e70591d5cdab1c268ef3c1984c7c51566cfc2ab6e6fbc99ec206a54fb49056a555414178ef00d8b873c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8ad62edc65828fbb6e279f745d2872f0c08635e465ca443a6a64c7803760880af23fb3f438a5d11fffc96dd1cb951642f1433f65b4e170a62a5f7a8d0f9d5cef0d17289c43d4aee2127f7a343899434594cc23e1c864164e130754b337e520f285dc670a31241bfb43ac62fc7f985586168483427072a535f2cac81ec261c0000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000630277fbac14140ce0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28) [ 424.404671] *** Guest State *** [ 424.407995] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 14:12:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) 14:12:09 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 424.479045] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 424.518968] CR3 = 0x00000000fffbc000 [ 424.540968] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 424.575866] RFLAGS=0x00020002 DR7 = 0x0000000000000400 14:12:09 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 424.614320] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 424.658434] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 424.722996] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 424.785614] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 424.807053] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 424.838352] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 424.859951] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 424.888924] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 424.913412] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 424.935337] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 424.956594] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 424.978807] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 424.998077] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 425.019199] Interruptibility = 00000000 ActivityState = 00000000 [ 425.036935] *** Host State *** [ 425.047089] RIP = 0xffffffff8117dacf RSP = 0xffff888055b279b0 [ 425.064714] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 425.095317] FSBase=00007f2c0b26c700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 425.128545] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 425.145029] CR0=0000000080050033 CR3=000000008f720000 CR4=00000000001426f0 [ 425.161414] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 425.176007] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 425.188932] *** Control State *** [ 425.193718] *** Guest State *** [ 425.195919] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 425.197049] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 425.213472] EntryControls=0000d1ff ExitControls=002fefff [ 425.219601] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 425.230129] CR3 = 0x00000000fffbc000 [ 425.240962] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 425.247058] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 425.248610] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 425.257713] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 425.268822] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 425.270111] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 425.282760] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 425.303154] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 425.303856] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 425.321406] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 425.322421] reason=80000021 qualification=0000000000000000 [ 425.329741] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 425.349290] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 425.357705] IDTVectoring: info=00000000 errcode=00000000 [ 425.357736] TSC Offset = 0xffffff198589f7a7 [ 425.357747] EPT pointer = 0x000000009f48101e [ 425.365561] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 425.382046] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 425.382245] Virtual processor ID = 0x0002 [ 425.390132] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 425.404139] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 425.413058] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 425.419653] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 425.434274] Interruptibility = 00000000 ActivityState = 00000000 [ 425.444034] *** Host State *** [ 425.447316] RIP = 0xffffffff8117dacf RSP = 0xffff88808fe679b0 [ 425.455187] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 425.480960] FSBase=00007f8986645700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 425.499199] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 425.506253] CR0=0000000080050033 CR3=000000008f75b000 CR4=00000000001426f0 [ 425.515002] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 425.530196] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 425.537342] *** Control State *** [ 425.547032] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 425.557277] EntryControls=0000d1ff ExitControls=002fefff [ 425.566056] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 425.576439] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 425.585430] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 425.595404] reason=80000021 qualification=0000000000000000 14:12:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) socket$tipc(0x1e, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x400000, 0x0) ioctl$BLKRESETZONE(r4, 0x40101283, &(0x7f00000000c0)={0x6, 0x5}) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$KVM_GET_REGS(r5, 0x8090ae81, &(0x7f00000003c0)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) 14:12:10 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:10 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0xffffffffffffff12, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ec8f29f81319ec5b10d0d003f00efd9448dbef1ffb4e3a6af87131512da528f6235fe35d3053b5cb4877c1b89bbf83f6d749d5b00679601a3abdc204cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e", 0x65, 0x401c005, 0x0, 0x0) 14:12:10 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000000)=0x12, &(0x7f00000000c0)=0x4) r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x3b) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000040)={r3, 0x4c, "9536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf"}, &(0x7f00000001c0)=0xfffffd72) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={r3, 0x139, 0x62}, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5387, &(0x7f0000000100)) getpid() r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) [ 425.604450] IDTVectoring: info=00000000 errcode=00000000 [ 425.610079] TSC Offset = 0xffffff1902ab0112 [ 425.618103] EPT pointer = 0x00000000a968d01e [ 425.624720] Virtual processor ID = 0x0001 14:12:10 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0xffffffffffffff12, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ec8f29f81319ec5b10d0d003f00efd9448dbef1ffb4e3a6af87131512da528f6235fe35d3053b5cb4877c1b89bbf83f6d749d5b00679601a3abdc204cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e", 0x65, 0x401c005, 0x0, 0x0) 14:12:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[]) 14:12:11 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:11 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0xffffffffffffff12, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ec8f29f81319ec5b10d0d003f00efd9448dbef1ffb4e3a6af87131512da528f6235fe35d3053b5cb4877c1b89bbf83f6d749d5b00679601a3abdc204cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e", 0x65, 0x401c005, 0x0, 0x0) 14:12:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[]) 14:12:11 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 425.881555] *** Guest State *** 14:12:11 executing program 1: socket$inet(0x2, 0x4000000805, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x7a, 0x0, &(0x7f000034f000)) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r1, 0x5608) migrate_pages(0x0, 0x0, 0x0, &(0x7f0000000340)=0x1) socket$inet_sctp(0x2, 0x5, 0x84) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 425.903187] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 425.937700] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 425.976667] CR3 = 0x00000000fffbc000 [ 425.988631] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 426.008260] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 426.033291] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 426.055785] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 426.081878] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 426.081897] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 426.081908] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 426.081921] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 426.081934] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 426.081943] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 426.081956] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 426.081965] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 426.081977] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 426.081985] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 426.081994] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 426.082000] Interruptibility = 00000000 ActivityState = 00000000 [ 426.082004] *** Host State *** [ 426.082013] RIP = 0xffffffff8117dacf RSP = 0xffff88805292f9b0 [ 426.082030] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 426.082038] FSBase=00007f2c0b26d700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 426.082049] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 426.082060] CR0=0000000080050033 CR3=00000000a8f05000 CR4=00000000001426e0 [ 426.082071] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 426.082079] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 426.082083] *** Control State *** [ 426.082088] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 426.082093] EntryControls=0000d1ff ExitControls=002fefff [ 426.082102] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 426.082107] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 426.082113] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 426.082118] reason=80000021 qualification=0000000000000000 [ 426.082122] IDTVectoring: info=00000000 errcode=00000000 [ 426.082126] TSC Offset = 0xffffff18a1fad9d9 [ 426.082132] EPT pointer = 0x00000000a96cc01e [ 426.082139] Virtual processor ID = 0x0001 [ 426.941793] *** Guest State *** [ 426.945176] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 426.968130] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 426.983157] CR3 = 0x00000000fffbc000 [ 426.987036] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 426.999494] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 427.007143] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 427.016672] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 427.027099] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.037915] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.048032] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.059291] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.069326] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.080332] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 427.090406] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 427.102976] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 427.115597] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 427.126169] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 427.134702] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 427.144411] Interruptibility = 00000000 ActivityState = 00000000 [ 427.150717] *** Host State *** [ 427.156935] RIP = 0xffffffff8117dacf RSP = 0xffff88805d0579b0 [ 427.165693] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 427.174181] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 427.184111] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 427.190024] CR0=0000000080050033 CR3=00000000a8c17000 CR4=00000000001426f0 [ 427.199147] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 427.208042] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 427.216273] *** Control State *** [ 427.219814] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 427.228774] EntryControls=0000d1ff ExitControls=002fefff [ 427.236338] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 427.247153] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 427.255844] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 427.264651] reason=80000021 qualification=0000000000000000 [ 427.273161] IDTVectoring: info=00000000 errcode=00000000 [ 427.278627] TSC Offset = 0xffffff189050b9ff [ 427.285788] EPT pointer = 0x00000000a610d01e [ 427.290219] Virtual processor ID = 0x0002 [ 427.380242] *** Guest State *** [ 427.387617] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 427.396771] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 427.410237] CR3 = 0x00000000fffbc000 [ 427.414799] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 427.425430] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 427.431728] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 427.438504] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 427.450603] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.458903] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.471488] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.479587] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.492619] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 427.517067] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 427.746093] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 427.756220] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 427.767125] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 427.808476] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 427.960212] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 427.968300] Interruptibility = 00000000 ActivityState = 00000000 [ 427.974957] *** Host State *** [ 427.978185] RIP = 0xffffffff8117dacf RSP = 0xffff888055b279b0 [ 427.984468] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 427.991256] FSBase=00007f8986623700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 427.999059] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 428.005499] CR0=0000000080050033 CR3=00000000a8c17000 CR4=00000000001426e0 [ 428.012851] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 428.019626] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 428.025760] *** Control State *** [ 428.029216] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 428.036217] EntryControls=0000d1ff ExitControls=002fefff [ 428.041795] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 428.048840] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x107000, 0x0) ioctl$KDENABIO(r1, 0x4b36) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[]) 14:12:13 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:13 executing program 1: socket$inet(0x2, 0x4000000805, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x7a, 0x0, &(0x7f000034f000)) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r1, 0x5608) migrate_pages(0x0, 0x0, 0x0, &(0x7f0000000340)=0x1) socket$inet_sctp(0x2, 0x5, 0x84) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 14:12:13 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f00000000c0)=""/161) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5, 0x10, r0, 0xc3f3c000) 14:12:13 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r2 = syz_open_dev$audion(&(0x7f0000000300)='/dev/audio#\x00', 0xfffffffffffffffc, 0x30080) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000440)={0x0}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000480)={r4, 0x80000, r5}) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000340)={0x0, @reserved}) syz_open_procfs(0x0, &(0x7f00000004c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffff7fffffc, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) poll(&(0x7f0000000400)=[{r0, 0x1002}, {r1, 0x9101}, {r1, 0x8718}], 0x3, 0x94) r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x28402, 0x0) ioctl$SOUND_MIXER_INFO(r7, 0x805c4d65, &(0x7f0000000280)) [ 428.055562] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 428.062221] reason=80000021 qualification=0000000000000000 [ 428.068601] IDTVectoring: info=00000000 errcode=00000000 [ 428.074144] TSC Offset = 0xffffff17db9e2553 [ 428.078465] EPT pointer = 0x000000009c01e01e [ 428.082927] Virtual processor ID = 0x0001 14:12:13 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:13 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB]) [ 428.250258] *** Guest State *** [ 428.260695] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 14:12:13 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 428.319935] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB]) [ 428.369027] CR3 = 0x00000000fffbc000 [ 428.382313] overlayfs: filesystem on './file0' not supported as upperdir [ 428.389551] QAT: Invalid ioctl [ 428.402829] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 14:12:13 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 428.417245] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 428.434874] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 428.474860] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 428.493435] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.509067] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.538828] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.547688] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.557687] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.566496] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 428.575668] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 428.585203] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 428.594021] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 428.602930] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 428.609524] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 428.618941] Interruptibility = 00000000 ActivityState = 00000000 [ 428.626137] *** Host State *** [ 428.629484] RIP = 0xffffffff8117dacf RSP = 0xffff88808a73f9b0 [ 428.636978] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 428.644356] FSBase=00007f2c0b28d700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 428.653018] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 428.653482] *** Guest State *** [ 428.659042] CR0=0000000080050033 CR3=00000000a7920000 CR4=00000000001426e0 [ 428.666189] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 428.672124] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 428.678703] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 428.686309] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 428.697842] CR3 = 0x00000000fffbc000 [ 428.701921] *** Control State *** [ 428.705304] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 428.708070] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 428.715554] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 428.721482] EntryControls=0000d1ff ExitControls=002fefff [ 428.731371] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 428.732445] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 428.738927] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 428.746286] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 428.759277] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.760919] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 428.769960] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.775741] reason=80000021 qualification=0000000000000000 [ 428.775746] IDTVectoring: info=00000000 errcode=00000000 [ 428.775750] TSC Offset = 0xffffff1766046f18 [ 428.775758] EPT pointer = 0x00000000a01cd01e [ 428.775766] Virtual processor ID = 0x0001 [ 428.812843] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.822136] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.830638] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 428.848315] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 428.860367] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 428.871458] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 428.879864] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 428.889468] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 428.899019] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 428.910645] Interruptibility = 00000000 ActivityState = 00000000 [ 428.919252] *** Host State *** [ 428.922948] RIP = 0xffffffff8117dacf RSP = 0xffff88804eb279b0 [ 428.929092] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 428.937508] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 428.946100] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 428.953147] CR0=0000000080050033 CR3=0000000095f41000 CR4=00000000001426f0 [ 428.960213] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 428.967588] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 428.974073] *** Control State *** [ 428.977521] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 428.985053] EntryControls=0000d1ff ExitControls=002fefff [ 428.990512] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 428.998293] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 429.015183] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 429.022156] reason=80000021 qualification=0000000000000000 [ 429.028552] IDTVectoring: info=00000000 errcode=00000000 [ 429.038963] TSC Offset = 0xffffff1727601b1b [ 429.043706] EPT pointer = 0x0000000088a8101e 14:12:14 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000180)) r2 = accept4$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x6e, 0x0) ftruncate(r2, 0x8) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:14 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB]) 14:12:14 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:14 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:14 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) getpeername(r0, &(0x7f0000000280)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000100)=0x80) setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000300)=0x2, 0x4) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) [ 429.048121] Virtual processor ID = 0x0002 14:12:14 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a"]) 14:12:14 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) 14:12:14 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:14 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a"]) [ 429.396390] *** Guest State *** [ 429.399719] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 429.455283] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 429.467892] CR3 = 0x00000000fffbc000 [ 429.473374] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 429.479607] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 429.495063] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 429.505872] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 429.531229] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 429.547680] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 429.561483] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 429.569488] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 429.588128] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 429.596492] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 429.607008] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 429.615926] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 429.625052] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 429.633813] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 429.640291] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 429.650797] Interruptibility = 00000000 ActivityState = 00000000 [ 429.657048] *** Host State *** [ 429.660247] RIP = 0xffffffff8117dacf RSP = 0xffff888050ee79b0 [ 429.675866] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 429.685246] FSBase=00007f2c0b28e700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 429.694299] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 429.700375] CR0=0000000080050033 CR3=00000000a8dbc000 CR4=00000000001426f0 14:12:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a"]) 14:12:15 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:15 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:15 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="48000000030103000000000000000000000000002c000280140001800800010000000000080002007f0000010c000280050001070000000006000340000000000600124002000000"], 0x48}}, 0x0) dup3(r1, r0, 0x80000) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000380)=@known='security.apparmor\x00', &(0x7f00000003c0)=""/4096, 0x1000) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) 14:12:15 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x0, 0x3}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x3) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) clone(0x20000, &(0x7f00000000c0)="f9bdfcef5c17a0cbf02c8bf8ff7f61b28ae43d51a1fb509a3a59ceeacdba56b52afd7bdf9dcc19a29da5aa341c8bb4ddf4b3bb99e7", &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="3e28d02842b67d7d7185613379491c9617a520d82eb2919676ba726bd06404630e43aed993207a5c0a41ad2769dbba16e04cc1e4e1e9b78f6754e38895713e621f2b195caafa185e9ac0277bdd33054f168fb1fab52848c669be20fdda3c3fb4ea9caaf4a28d0fdac83bf2bb9a099ee2d6b3232bbe64d838a91282e54524c5067b6744861002838e58d811f6945f76f25fffec9ba18c3351bd2ca8f4fffe1a4ef5d5cfa0c4e3f0081003e892354889fa49ff73b8") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) fallocate(r4, 0x0, 0x2, 0x7fffffff) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 429.709307] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 429.716789] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 429.723664] *** Control State *** [ 429.727129] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 429.735221] EntryControls=0000d1ff ExitControls=002fefff [ 429.740977] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 429.754094] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 429.760906] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 429.767533] reason=80000021 qualification=0000000000000000 [ 429.784604] IDTVectoring: info=00000000 errcode=00000000 [ 429.796781] TSC Offset = 0xffffff16bf8b3333 14:12:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c5110000001000004000000000000000050000004800"/133]) [ 429.819517] EPT pointer = 0x000000008844301e 14:12:15 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 429.853117] Virtual processor ID = 0x0001 14:12:15 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000}}, r0, 0x0, r1, 0x0) getpid() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c5110000001000004000000000000000050000004800"/133]) 14:12:15 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:15 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000280)={0x1f, 0x7fff, @none, 0x2, 0x2}, 0xe) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r1 = socket(0x27, 0x1, 0x5) bind$rds(r1, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) exit_group(0x2) 14:12:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c5110000001000004000000000000000050000004800"/133]) 14:12:15 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:15 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffff"]) 14:12:15 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 430.129582] *** Guest State *** [ 430.134593] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 430.165764] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 430.209338] CR3 = 0x00000000fffbc000 [ 430.224675] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 430.236325] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 430.247473] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 430.254747] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 430.264065] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.272958] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.312806] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.324354] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.339237] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.349004] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 430.364694] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 430.372846] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 430.381662] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 430.392025] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 430.398892] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 430.406769] Interruptibility = 00000000 ActivityState = 00000000 [ 430.413341] *** Host State *** [ 430.416736] RIP = 0xffffffff8117dacf RSP = 0xffff88805507f9b0 [ 430.428735] *** Guest State *** [ 430.429470] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 430.439293] FSBase=00007f2c0b2af700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 430.439780] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 430.450120] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 430.462674] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 430.462693] CR0=0000000080050033 CR3=000000008bee4000 CR4=00000000001426f0 [ 430.474122] CR3 = 0x00000000fffbc000 [ 430.479220] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 430.485836] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 430.489363] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 430.497664] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 430.501990] *** Control State *** [ 430.511346] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 430.514652] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 430.518074] EntryControls=0000d1ff ExitControls=002fefff [ 430.527538] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 430.530495] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 430.543041] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.545854] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 430.556004] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.560234] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 430.570050] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.578477] reason=80000021 qualification=0000000000000000 [ 430.583580] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.589280] IDTVectoring: info=00000000 errcode=00000000 [ 430.598019] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.606429] TSC Offset = 0xffffff165b41344e [ 430.611633] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 430.615549] EPT pointer = 0x000000008addf01e [ 430.626352] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 430.632526] Virtual processor ID = 0x0001 [ 430.637620] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 430.653492] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 430.661679] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 430.668538] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 430.676698] Interruptibility = 00000000 ActivityState = 00000000 [ 430.683684] *** Host State *** [ 430.687072] RIP = 0xffffffff8117dacf RSP = 0xffff8880555179b0 [ 430.693338] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 430.699805] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 430.708948] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 430.719739] CR0=0000000080050033 CR3=000000008a147000 CR4=00000000001426e0 [ 430.726853] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 430.734025] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 430.758638] *** Control State *** [ 430.762310] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 430.768981] EntryControls=0000d1ff ExitControls=002fefff [ 430.769697] *** Guest State *** [ 430.774938] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 430.785024] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 430.788638] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 430.792153] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 430.806485] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 430.813800] reason=80000021 qualification=0000000000000000 [ 430.817600] CR3 = 0x00000000fffbc000 [ 430.826301] IDTVectoring: info=00000000 errcode=00000000 [ 430.827589] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 430.832454] TSC Offset = 0xffffff1632429153 [ 430.839146] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 430.845974] EPT pointer = 0x00000000a6eac01e [ 430.849936] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 430.852870] Virtual processor ID = 0x0002 [ 430.865226] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 430.874085] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.882853] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.891596] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.899773] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.908612] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 430.917921] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 430.926229] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 430.935465] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 430.943981] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 430.952196] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 430.958598] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 430.966417] Interruptibility = 00000000 ActivityState = 00000000 [ 430.972922] *** Host State *** [ 430.976207] RIP = 0xffffffff8117dacf RSP = 0xffff888053e8f9b0 [ 430.982815] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 430.989228] FSBase=00007f8986623700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 430.997214] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 431.003256] CR0=0000000080050033 CR3=000000008a147000 CR4=00000000001426f0 [ 431.010935] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 431.017599] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 431.024033] *** Control State *** [ 431.027532] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 431.034988] EntryControls=0000d1ff ExitControls=002fefff [ 431.040474] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 431.047746] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.054562] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.061248] reason=80000021 qualification=0000000000000000 14:12:16 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_config_ext={0xfffffffffffffff8, 0xcd8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0) ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f00000000c0)={0x40, 0x80000001, 0x7, 0xfffffff9, 0x7, 0xfffffffa, 0x1000}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:16 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:16 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffff"]) 14:12:16 executing program 3: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$VT_RELDISP(r0, 0x5605) syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000013c0)={&(0x7f0000000280)="e082900419a762b38eef327f4a419f117a528693002ed3b9761366e67495d1994336317410b4472fafa67bf953e14e10d8172904c46d1c4f980aad1692511fc8472536fb5e4d35b8180307157afe300554ce5d3b1adf7ff6ce77782e8496bba794a8a43deb40eb24f70b3d64dc0a94ad7e05a3b3a4257f52415da0", &(0x7f0000000100)=""/55, &(0x7f0000000300)="59ea73ce34d3585c2975948e5038bb04df6e029877264be5b2aaa3be79e93182ea6210e03ca9e6ce8304aacd02a89f3343f5e767d07c8fce396b4e75ed2d2eb0098c3319696d90d0acf6eb370459c4db839e859a487c0a8dd0a291e36434955b5c210ef46f78964dbc9daed600f84ce6b65e65b7074cd675322a93790603274447215c80c4e4d1a8032e14977d30147c5106254138d606eca5", &(0x7f00000003c0)="34921184e02d489625241774542283404821935b47911854c40fe0a91be7e455054a4434a3d63d3b920bc2dd61ac72465a697e2f6695706a9b1cebe5e9edfbe1530aed6c2d36118954ba4a981a5ba723424fa1ff5067ccaa3e159ae6cca09364246f2ffbeeb7cc3fa04e47ec8a8e7432abab6d0a538953b0cc4a263d894060c104c3a2c944b6a0e1caa22fecd1dc0b986fff54d472a4cbbb54db9cd1fdf0ffc3b0b4055626243551ccb50f374a87e64e5b28093cbf6b9ac420bc75eb055900ba88369ef27dbcc05cb4fe1e0cf88c525068c4c82a6a73d52827f172314588bf53015557f8824eef04445fc765ce0948ba13e655a8df111e098ac12dbd185cac6930149658b7e481d5b539f2ad9b338d833bf04ebe964ab28a232b9b988d4ec0334dd4f85139a839717dd175ebc323f8e7ef92561c8f5a37937e5af7124497943dafd64a01c06aae17cd4fabdb1768373d8064853ff2c1363f5c0e315eff01cf3cf4db92d731c47881f26ec44062c6f375b334484624f27c395cefe7519aa121c55173f292404fe7a1e685622a449ebb5ef1091770277fd08060c071a664ff61a1541693fd78af900ba678d3a70f62cd09585e330af9dac85bd11ef76cd872411e46afc163263339cf9879189e6099e851f2443a7d607f54388300e3d1b79b4acc399a46b38d7a5411d20ec0f636ef55c1fba1899aed69b6bf81d42e00d01c7e36e742975f35132b87761a92d9b30393b1c2f4ef1af73c7eca52c0c6c3502c16f2b7d04baadfa53f2103ba7958353c24c02b99bbafb09f5f40bd5347a816569dffeb17d69d3debdafc784f02fb41592e116dc4529b08e6ace7edd33c5022d2566ccf92e9666d3b575c64748385808242185e8837da6849193c90d218e027461bf9c0f768eb1c622e0f441ecd48fd0ce77b2fcfa25927b0b983bed16a4c1740800e69de7645a73809253aab598b010b22a3f1f516e365455ace21415f9f48a3c7f179875921c2c51968aa180b81fb4ca4ecc9b3b915ec7ae40619beb7a2dec05aec14950d7e3301601fdab2ecb4adc234b9cb8e6eb9585836a8ed6edfbde735b2057500f7b0be23ba8375910b7888b76bda5ef17e56cad0d74c43eb069733b4be1be761e76dd7b79932c871cdbf4fa27d7fb680fbb51eb5cd661375ecbee0f58f261683923dfe9fa3a4a085b915b25f10b1e640c0b6af5cf464bda50d1a57eec25f26041c0a7f89bb6221e081d784b055915c1e507fb01fc67b87000d10d441b58fec57d97182a2ba970e06bedb03202e0b8b1614f74553f5ac693c3112e0914a975279d163c3d5c786d36aad82b54f7e0073ee1e6906de7866346b09588dd148177e83cc47a8dec74c3ce681c1653c197a26c1cd7e143fff7558916aa5221c11f65fbc45f965d41bca8c7be8fc409a1f4cf52c0635fd0481c1e04b5950b40f6489d05f8ce669e864dd21c016ee20b43f0a64a90bf08a877e8ba26cfde4ebc9d5b1892054a58a049f6fc65c8967301b05b16022de48ed2cef1c33ac42845b996eb719fc33893072c79f75d36b22ad36b68bc79f1d80a6b45f2578ce868a323095f8f37da0f5c9dbe36b7f4f7fc11eeb9f8554161f1346fe540e22e7a3d1049aa20d62a7c83024ef41c9360058434df801e129a7068910e2e278eb56aed532a120192262b452e3204f6dfb6c38736b0fa3b85ba415d9496fbdb55a0fbad0540bbb4d935c548ba45e3adcdab7f18adbcfe9a79fb65d3590c21a571f54c6a9088036d9728fadeae0424f449426da68b20a9840c602156caa1e58da9cf7c8003dc0a8892b6c71ad6e062abc6c3ad75b5cd6b2557ee643f12cc3b6861e80605f91e7a6b891bdcbcdb5a3f028a4adeef83090b69f64433641206e0ab82e7dfe68288b0719466da0124a4d4bcacf1f61f04790523a4687b68be1661ab40e55915358603c2c8cbe50dca36137d4b684470e429e0bf4ea72d46bc5a127275785e7b275dc0787e63c83f6cbdf311d7ff0a7f274821a588d5e5de7e5f256553e23bf3938dd1e1864bbe40429b38683fda46b60344252065ae31964aed8840d13088690622d6ec9bd77af956304d2de95dbe73f80aa9d176be3dc05ab6ad9c2dde8c8c5cb915fd6fe7927e0d74b59295dde30caca368cc2f08786f33dd6eeb880c638bafafda1eaba9765d94271a52b4449797d4fbbc11c7749d5778ce66d5e287693652ca4ee31d94b2debcff310f36c9f41c59caa62cd7a5f3bdf0db41949ba0e5311154186155caa3d9b163b389734177a3f0347d8fd464ca39e17cc0f2c16286f15ffab192399d26e1f7346433b752543b207976ba0d697aeda6422ecd941b46832d8175094153e175e6f6511ee83e1ec17ce7a8d67a9c5847022bbfc64c9c175028ce3393355c1e78d59ac92cc29aa456c70ef68e5b8823b8ab988d9ff52842f9d91ca3b4684fbd9e33f9243035d92caa57b01b3c2dfdc8bf593b713f4c638adecd922b800bf341301f5ed3410c3362b15becd72897e040337c3b9c3447f0cb3626bea50ae24a5d96a138d44ea25b93aa3ca9db5fc8fd070af49ff27ff3bfe19ce890a095579ccd579d5c6c347151a016e34164c8ee73780beadea4b304733494946d284d55c27491c225cf8ae6f9476051cad824d187216e7ba6e16d48efc17b700abd00469b7fa12a541897c66ee83ccecb2019809dcc39ae22acc61bcd685d599ae50fd5ea165647e544b918730ac98c38eb7b5d84b8038cc7a1d406c814915a3d694d4d54ad8cfbe6e85cb832bb2bc92df1d7fbb0b4dc9f37461a121bafd9dcdac1bf4a3085fdfebf05c8f849992713c9cbf25b858669f8467b99a8944453f82828999fe63d357d5c4d492e56d2b226ef37b465f1c1bf9f34c427333826f64f2dce5d74562092ceb4a3dc1e9eb6ce8a4bdf0ab923e098742989a57f3ac499cd1386773743e65d4b41bdebcdb233d99782622743855d280e4af88a030dee0cdff94ed4a080e17580a0714a90f77fd1380d294755ce31a87f210157974a74f7102bd973de47e4b59595f9a5a1e08796673c2c8484d3e2f86f912a0b1f3f953b070dae4dae337c8938ef31d3901fd9b2180fc7cca5c99807219979d05a0da42c1da49a4135f15e7967405115157e6c04c5c7cd3da2078e8ef9ccd9b9cf4f340b168ac02b752292ac11037afd7c6656c0535384cf18c52e2c301d8ca9e43edcc6a898c31d464d0b6d50496553d7b765c14b910ea325e83d4f612d2299e545a70b805a827d00747a975a585186b1d78efdf535bc29e5a81edc2b5c4498f451989feb3e00375a66b214919869bf7eabd51c49e84fb464f0034f98bc710a4f5880f17bc3127e1a94c56c76e18c04bd65bf49e9a721d6b4f0b45da12cd4c93b5c3d969fdd181b91a354d2d1436fb3a32ae4b190eb8ba270d552d9559805fd65937d602717c17411523b8054dbc5ab5cbf46888c7bd69cb1164f5767dd924656c4a47e2f305d1d8f1a6b6a2cf11450d9a17df5e6f5d97bc8576fda1058adaa04e6f9ec1f82d803d911b8b8e30254a028a78bf2d6469440b9415c40debdd986bad4c3a06b48536aa93f2b660184c6a51cff0868ff840410920e408835021d6c1bec58bffea4ee4bf7c36539265989dacca061603972327e2db55119de9062639261b16bc8c6f5066a6ba60d9b31253ce29d88ac59a7205bccd0d0ba5b0d321253b30fcd447271dfaaa235709be6059f51221aa7d0b377786fec5464914b08bf3ce46c0e77b804a62cd583831244f8f357e22ab7e26ee7c14f724bd90c6ae8eefe67c4b1c52752b2f657329e1b1373c3af997d14f2993f15096e8a49cb5d65d8a94acc1671cb40771da29bcff7d918233dd6a5dc8b5887a2dbb0c2da8b3e48bbab4ea88e21c079a7c3bd1cf56009fe4f8a8c7d51183c176ce7cc1a184a1d0d73dfbdd283007484428435ca8520009169969496dbb02305092441365cff8b6520a2c11b260d99d53a11f077b7c8861732da77f12e87bbe2905386526ef60003492a00ab77faf99da7a0b061621d498deed9e93214cf5d961ddb8897e62b27db097bbf5421351cb476a8c84e20f3b05109d9b9744b6e431597c7e7e196adce7ffad4f83d9b02532087fcea83aebcf2c1ca96cbd2613423d1ea4e3bb1aedf56eded44e07205f5f2a632380196dd71662a678ac3840e9a14ebc7a2f9a6cb5a9c1dc32c308ae8e8051759a9dedaf12b5752134e6884a5cd93a1f567d2003cecdc92538f6b7d35b9937419463093a42dfaf1fbe690004969ad62ea8d1686629d660763d307eca478d9a028cf134c6ef40fb86a3326465efed7113558c38d3262c256e83e4b02b61c0d3094139fbb634e13ec3ec210c6f21be7059d8171ca880066202c19d46400b15fcfcbb20c3f45715aa02be0a5f381ce9f4a56f8fd01301ff6d048b3ad999d6d22b84f4cf6fea96ae1ccf808741853b5393d5674f9508333112c7cf6326972f05c9f0d6b3d1117e037a94c9b3668670d34d14e3d4df4524f2f66543c58379b28392a4c55e4495cd00493c08add9cdbbd265e731308bbf1eaa3887e2a9a90c8810be48679d87a32b1602b7ef536e86bac5f7d87360e336c4c24068f07ba66fc5dc249dedafb651281d5cffa45aa236fa49164b39b9209a00f16d9e053ab41c560cc506941bfb4a1760129a6fd502cef4da7eea987495d17bc59e851b4ff3cb82a4f5e2ee7e483850b7ae584bed4179e1e93a01c54d67a369186df878d7a9ee8c2858ec95a9e772a920eb5baa897257c3cc8cca787cc2479528ece8fe9c33903f642d1ce8cb3822140a16066ed4a7949b0622bec908343fe24d0126fc913aa25fd9a734f46fca129094a5406f4f750e13ed2ece293cd9c1717f370c34d46be6360aaec720e9ea011abdd0e404d6e6cf6f8ce56f5d4fdca6474bb0e0f8fdf0ec1e871acf73b6139afb24bbd5227aed60f1b96a3bc7e5b7f2801215b006722c1eaceccd76a61c9bce06f0dfead4ada1bab103fbc881a8caa44697fc314eab7b019525ad3acb5226f7b16297e64a3e7b9dbda5c940352e88b1f3d83d445e7884904e455019878524a786f0e7d26ca39950a5bdc34b5f0e8217061adce64e03c19c12192bcf64ce87aa8218382b6178db4089635700befd1010480996298b2953bae45ece19bcad42b18890ae8f1a6202237db17882a8219e5e4e397999ea1fff09556f0f64f8c4be68212010ee4808015c60cf32804c10174b19f39666ddb59081240fe9e9efec3130d61c81f617940c87cf2ab01d57f0fdec0087c15b1edd6fbca29a10d93fcc397355641b306839832b40b25c811e09be46cc0deb8b3848111c65baaa41ef98f735f5faa6df636df89df2f901b14b8561bfc1fd5622af5827543e44a8c127c53d98a48fd404de287936d4fa0cde6a571145a2e9e97a8ff44b03ad7ced30debdd2b3c7f6902c98ccfe3e56461dc4796abce86ac759d74d13125f2cc95ab0fb1660ab35631a8041f039bbe6296565888469889bf0b63d651595324c4e69eb1cba4827715ba406fe8df747946348678d517ebd762616cade0e2e85c772936601f15aef16fd91c5872c98e1f29070d4b25f6728818e1889c5f1f78d84b9bcc8293383c16b044e41f04f0c534db1da6265b133c658c20580934b244cecfc4699e98f1311f7178e302fc6720bc3c459d9e1730c1bc0568b17c2a2dce205e8e750f1e91b4fdb714d5adaae57250a9488d37ec95a68b42d06dbb3cf532fa8a1c1219b35877b7c92e25af8962896e023b40510046c85e45470cc02ce1498bdeeca8095", 0xfffff6be, r1}, 0x38) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000000301030000000000000000000000000000000280140001800800010000000000080002007f0000010c0002800500010e0000000006000340000000000600124002000000"], 0x48}}, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000001480)={0xa30000, 0x8001, 0x40, r2, 0x0, &(0x7f0000001440)={0x9c090b, 0x101, [], @string=&(0x7f0000001400)=0x63}}) sendmsg$NFT_MSG_GETOBJ_RESET(r3, &(0x7f00000015c0)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x480100}, 0xc, &(0x7f0000001580)={&(0x7f0000001500)=ANY=[@ANYBLOB="50000000150a050000000000000020000c0000030900010073797a31000000000c00064000000000000000030900020073797a32000000000900010073797a30000000000900020073797a3200000000"], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x10) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) 14:12:16 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000000c0)={0x9b0000, 0x3, 0x2, 0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x9909de, 0x0, [], @ptr=0xd3b8}}) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r4, 0x200, 0x70bd27, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x84) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 431.067657] IDTVectoring: info=00000000 errcode=00000000 [ 431.073793] TSC Offset = 0xffffff16050ddb31 [ 431.078220] EPT pointer = 0x000000008bd1101e [ 431.082787] Virtual processor ID = 0x0001 14:12:16 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 431.185942] *** Guest State *** 14:12:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffff"]) [ 431.214400] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 431.251275] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'. 14:12:16 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:16 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 431.263952] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 431.276701] CR3 = 0x00000000fffbc000 14:12:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00"/166]) [ 431.306719] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 431.324326] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 431.341835] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 14:12:16 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 431.349784] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 431.373480] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.408344] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.422106] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.467652] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.483173] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.491337] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 431.499440] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 431.509307] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 431.519127] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 431.529089] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 431.540331] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 431.548773] Interruptibility = 00000000 ActivityState = 00000000 [ 431.560232] *** Host State *** [ 431.564641] RIP = 0xffffffff8117dacf RSP = 0xffff8880508cf9b0 [ 431.571659] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 431.578184] FSBase=00007f2c0b2af700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 431.593030] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 431.596753] *** Guest State *** [ 431.603274] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 431.605253] CR0=0000000080050033 CR3=000000008f9f5000 CR4=00000000001426f0 [ 431.613033] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 431.627318] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 431.629945] CR3 = 0x00000000fffbc000 [ 431.636180] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 431.642623] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 431.646339] *** Control State *** [ 431.652863] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 431.657063] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 431.665604] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 431.670297] EntryControls=0000d1ff ExitControls=002fefff [ 431.678620] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 431.683486] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 431.694353] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.698639] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.705970] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.713367] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.725084] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.728449] reason=80000021 qualification=0000000000000000 [ 431.735770] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.742963] IDTVectoring: info=00000000 errcode=00000000 [ 431.754190] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 431.756799] TSC Offset = 0xffffff15cf202132 [ 431.764105] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 431.770079] EPT pointer = 0x00000000a536901e [ 431.780035] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 431.781622] Virtual processor ID = 0x0001 [ 431.789172] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 431.801658] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 431.814871] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 431.826898] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 431.840415] Interruptibility = 00000000 ActivityState = 00000000 [ 431.848561] *** Host State *** [ 431.857723] RIP = 0xffffffff8117dacf RSP = 0xffff8880594e79b0 [ 431.865606] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 431.872868] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 431.880904] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 431.886884] CR0=0000000080050033 CR3=000000009e5e6000 CR4=00000000001426e0 [ 431.894207] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 431.901444] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 431.907542] *** Control State *** [ 431.911222] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 431.917914] EntryControls=0000d1ff ExitControls=002fefff [ 431.923527] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 431.930545] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.940217] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.947467] reason=80000021 qualification=0000000000000000 [ 431.963854] IDTVectoring: info=00000000 errcode=00000000 14:12:17 executing program 4: r0 = getpgrp(0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x70, 0x0, 0x42, 0x0, 0x0, 0x0, 0x80000050d, 0xe3f00, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x12000, 0x0, 0x9, 0x7}, r0, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:17 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00"/166]) 14:12:17 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:17 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x5, 0x440000) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:17 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) fcntl$setlease(r2, 0x400, 0x1) sendto$llc(r1, &(0x7f0000000280)="84eaed5b50b0e68b3bbd1e149333fd9ee937162b723e1d7250321b3a433100453e603c98c8d82405b0f932b57b5a62eb78f44208786a32c8a037540e7f72b5c6170fa5cdbc29f235523da117b2616cf0a54787ed221aede8eb453f7bc7c8743264889906b7d7d2051bf55020e65c0b5f01ba539f7dbce8729ba1aaa40be5692991b0e9565c4ad79be70ae1e627d0c94c41c722e9bc6fd2a67a49225e225db2c3778ca99b7240590d", 0xa8, 0x20000000, &(0x7f0000000100)={0x1a, 0x206, 0xd6, 0xa6, 0xae, 0x7, @broadcast}, 0x10) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_bp={0x0}, 0x10208, 0x0, 0x0, 0x6, 0x1, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) [ 431.969541] TSC Offset = 0xffffff159666430b [ 431.975473] EPT pointer = 0x000000008c40e01e [ 431.980020] Virtual processor ID = 0x0002 14:12:17 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:17 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 432.106512] *** Guest State *** [ 432.125070] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 14:12:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00"/166]) 14:12:17 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 432.160067] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:17 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 432.219332] CR3 = 0x00000000fffbc000 [ 432.230968] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 432.245064] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 432.263217] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 14:12:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00000000000000000000000001000000"]) [ 432.297455] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 432.326616] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.344759] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.378233] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.396458] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.414889] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.432561] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 432.454094] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 432.463015] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 432.472553] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 432.485112] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 432.493162] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 432.502257] Interruptibility = 00000000 ActivityState = 00000000 [ 432.508639] *** Host State *** [ 432.513316] RIP = 0xffffffff8117dacf RSP = 0xffff8880594e79b0 [ 432.519431] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 432.528858] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 432.537623] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 432.544533] CR0=0000000080050033 CR3=00000000a4b0a000 CR4=00000000001426e0 [ 432.552614] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 432.559454] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 432.567072] *** Control State *** [ 432.571429] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 432.571644] *** Guest State *** [ 432.578266] EntryControls=0000d1ff ExitControls=002fefff [ 432.587207] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 432.589036] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 432.598266] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 432.603569] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 432.616642] CR3 = 0x00000000fffbc000 [ 432.619207] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 432.623683] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 432.629540] reason=80000021 qualification=0000000000000000 [ 432.636347] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 432.642675] IDTVectoring: info=00000000 errcode=00000000 [ 432.652792] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 432.653766] TSC Offset = 0xffffff154c0ad654 [ 432.661730] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 432.664970] EPT pointer = 0x00000000897c401e [ 432.677362] Virtual processor ID = 0x0003 [ 432.682286] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.703108] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.711364] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.719890] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.728699] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 432.753197] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 432.772517] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 432.780529] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 432.803829] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 432.821330] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 432.827781] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 432.836175] Interruptibility = 00000000 ActivityState = 00000000 [ 432.856283] *** Host State *** [ 432.859779] RIP = 0xffffffff8117dacf RSP = 0xffff8880579cf9b0 [ 432.867241] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 432.878380] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 432.887251] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 432.893770] CR0=0000000080050033 CR3=00000000a8773000 CR4=00000000001426f0 [ 432.901470] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 432.908166] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 432.914922] *** Control State *** [ 432.918371] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 432.925798] EntryControls=0000d1ff ExitControls=002fefff [ 432.932514] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 432.939529] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 432.946354] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:18 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:18 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00000000000000000000000001000000"]) 14:12:18 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$6lowpan_enable(r3, &(0x7f0000000000)='1', 0x1) 14:12:18 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x2002, 0x0) ioctl$RTC_IRQP_READ(r2, 0x8008700b, &(0x7f00000000c0)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sendto$isdn(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="0400000001040000a5b1f8da2e5507b3f0f9276bc2ed3359f91fe092e16a28db2b37f6964b6441c23199b9900d032b43e27d256d927581faffffffb9311f090091bf09e09e7590248aff037bff5aca437cde2233135889fb11d0d8e4d7307c9b78c62995fa122d9947523dca0a83e023c6c44a8c230c51f0c03f4b468fb5b63ae26e5b7f9320853086ff50196f72f453d926b09beb7b7506eefdb125c6a4677f0aaa967fdad1625bad094ab651b163bf9ea0fb5ada63212ac29aaec79542bfb5245956b7d695b52eb4544ef90642d9cadd2bc115eb3c3e2e00910062902a75e025353ea9d477972d"], 0x76, 0x80, &(0x7f0000000180)={0x22, 0x8, 0x5, 0x1f, 0xff}, 0x6) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x2789, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x6c, 0x0, 0x2, 0x0, 0x1], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:12:18 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffd, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000100)={@initdev, 0x0}, &(0x7f0000000280)=0x14) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x103000, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f0000000340)={r5, 0x3, 0x8, "8cb12ec92918f782fd53c56d78874eb3f3f72f1d333ccdb2f361cac580feb85d222d1bc59fb86e9355e976167d26216316fd3254000aa851b146a0ea3849d6ee98972c2267414b860f26a2049c1bf231e6dc5a40cdf3cf2810190d20c6d6b9aedf5215e19f0bb958df18b884769c37c1853bbb236e1bd09afceb1c03aa124c"}) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0x18, 0xb6d4, 0x212, 0xb18b, 0x80, r0, 0x5, [], r2, r3, 0x3, 0x3, 0x1}, 0x40) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) [ 432.953072] reason=80000021 qualification=0000000000000000 [ 432.959388] IDTVectoring: info=00000000 errcode=00000000 [ 432.964910] TSC Offset = 0xffffff154feec761 [ 432.969234] EPT pointer = 0x0000000094e9e01e [ 432.973712] Virtual processor ID = 0x0001 14:12:18 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00000000000000000000000001000000"]) [ 433.094864] *** Guest State *** [ 433.098238] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 433.124524] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:18 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 433.168242] CR3 = 0x00000000fffbc000 [ 433.177274] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 433.193383] RFLAGS=0x00020002 DR7 = 0x0000000000000400 14:12:18 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00000000000000000000000001000000020000"]) [ 433.233154] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 433.257362] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 14:12:18 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:18 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 433.284088] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 433.299485] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 433.318942] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00000000000000000000000001000000020000"]) [ 433.363091] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 433.383629] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 433.392663] GDTR: limit=0x0000ffff, base=0x0000000000000000 14:12:18 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 433.413049] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 433.442342] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 433.485715] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 433.500353] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 433.508275] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 433.521093] Interruptibility = 00000000 ActivityState = 00000000 [ 433.527473] *** Host State *** [ 433.532453] RIP = 0xffffffff8117dacf RSP = 0xffff88805d0579b0 [ 433.539813] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 433.548293] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 433.559109] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 433.575177] CR0=0000000080050033 CR3=00000000a5b94000 CR4=00000000001426e0 [ 433.587063] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 433.593853] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 433.600135] *** Control State *** [ 433.603790] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 433.610463] EntryControls=0000d1ff ExitControls=002fefff [ 433.616037] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 433.623487] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 433.630148] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:18 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 433.636790] reason=80000021 qualification=0000000000000000 [ 433.643201] IDTVectoring: info=00000000 errcode=00000000 [ 433.648653] TSC Offset = 0xffffff14c4861de6 [ 433.653336] EPT pointer = 0x000000009738301e [ 433.657752] Virtual processor ID = 0x0002 14:12:19 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='veth0_to_hsr\x00', 0x10) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:19 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x40044145, &(0x7f0000000100)=0x80) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 14:12:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff00000000000000000000000001000000020000"]) 14:12:19 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:19 executing program 2: r0 = getpid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) connect$unix(r2, &(0x7f0000003880)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) sendmsg$nfc_llcp(r5, &(0x7f0000003840)={&(0x7f0000000100)={0x27, 0x1, 0x4, 0x6, 0x7, 0x6, "f169bd459d55f44b15da94b228997c0e7f9f5b346dd9c748bac24e8dd35175c17d7a72a73f26fa8ac55ad8717de4ae7883cf60aac1046cbc62f1f0ad872c08", 0xfffffffffffff9ce}, 0x60, &(0x7f0000002740)=[{&(0x7f0000000180)="610f71da2b664e7cf21423bcffede8ae08418ccb855d5d124332ad7c9a86f36c4c541310fc8625057c1771fd74b15d6a4450b292a01ba1bdf5e17c62e73083d90fe913dd7413a6c1fac56ba6821b27f97b610d9b58516b00ed0277462427482a03c9484969124ce5bc5293b4812025cecfe5931cfeb55c5e7468a009bd393f9ee88956daa7c70174e7648ab506276cf4098882fbee18f9814a4f1906977ac4c20aec09e8669747ac31df7ff41d045d3d44", 0xb1}, {&(0x7f0000000240)="5d46c5fffb6f95f4f4befc1d7a3f2a11924d1764b4cc772e2c57d0478f068128fe83bbc8a54f6beb", 0x28}, {&(0x7f0000001380)="cf681087ad2b314fc31e64bbac74022ed1ebc752246643308711647a5ef16704ebfd8cf4170f2646397c8e6e6864ae461407da5b89cbe57a59657951935503a92030f95ee8a4c8", 0x47}, {&(0x7f0000000280)}, {&(0x7f0000001400)="06", 0x1}, {&(0x7f0000001440)="3598675e91d67c5d7a7a920cdda048e871d7da922a6eded3def948fbabebd98d958f36cb4e1d7605ae72486f9de3955323fdfd75b3873626b183aa83e2e686c4e1bb61582ac84ea0127e43e6443cc151605693f3c6e005ef3479dee433e6d60e3a1d143852ac8893096e27fd5fda56b9646419b86a5132a3772d9589c077dfadd60d4d6d819d522231cdb46c85f5c8ebb365ce4ae2121559938b68dcdbec5f3f", 0xa0}, {&(0x7f0000001500)="e55f7ace6afc4db7ba7e5436762294e17b5490c742c9fb7c0baff27a1c8b6427c73cbebf5c69c15123d92b8c5bc4f22f78780b5eae38a5d3f3505a244a885281402de9baf861160a7ce703097b81e0a2a3448e34082cb6ef1311d076516057f3e8adfea1055027858285d6591961390523c183c729e5a682820906a2ed00c9272c57fa4c604e7e1ad6d4299d3b9d066962329c9a691ad12f475d85919d95b0c883d310997a585eff450ad653d318f4cc5edf50cdcbb8847cb798a1a705a212e9340e689efad1b0dbc614b7bfe6f74efa884bf96d82597415a91987d3d11b72ff7109d6521fa6ef74b9b108a1e2761e56b680cd830f74c582358cabc397d14682cd003f708ac1339525161a8b47c8a1bdd6ad61eeb5ce8603bee2eb483fffa48fd0944e111292e301138674b48508954c8d5e836bf03ce8b56f283768d1675e1a8dbf3d0a591dcd99c8b14d789f8ab364138d444e6ec5d84537d3b84b99810209a126ff57d95897a18887599fde61e7041f1afdc2bf6a0bd4fa85b3a745e0b35e6c66f20ad88d600474e90ef19f79f4e136529d33c9eebce67e841b3ea415f88f3548acf6ffe36c65854a06a5c197f4986c4b67e3dd526360053e7876886b7f535d345cae47454a915958e08a18dc7ca513a2ed3b7cf419ab87b1ee4555762e1a49a5c2ff1cf5a2e4b28caedbf7ce19e8b3f940fc03a35172569f37cd829ed877817ecf6e968db8abc6724dfc24ee653948ad052fa503a017c90ced28c664ddda0f8236f4f824f684639938a5ada3185df922c6f18940276cc18a65228b925502ce2bb1a59cbef1543b64f0231b3736a8fd9fd5979ee586aa75b4108cc382b999c38e5baf4abc7c93c48b0a2f6d2d637e5e31ed4220d5d4a2517b02752a4289af40ddd95a2b80bc2fae25120f6b370f2cd677c5a0437d615455cf0d587af2fa350f200d9695dff938ce818e96bf85b79bd3c37cb523b5d27f7755c15705198adc466bec6d3304d8e6e5db9891d7c270a314e0fc8694edc8cc9b60facd8ae104a8fc0eef4d8afb0ef080b14e2ae25be0904ce63f2c19ee24e941371d4c70a8979cbbc393bb5462a2967d2cf30ae5776a3757d14b9a261a096f446819539e37d79948b14b000056de662c80ccd41f145f652609f0b94e6d399f9dea6d0ac01fa38a66cf74e69778b4e01dca2b4799aae80b839cafc01a614027e1e62888f462b903a83c105f59d17aacc18f3f5855653f8f47247d117dd1c03b75afd3492e12bc3312ac4300d403d7e728c62f877dbf8f160dc448ca9714362b57e58ee376c9529cec14821ebe11172905a247ade22e560ec2546e7c5b6e25300c86cd2718c28f58c1d31a560dba575b07d0f4a0b9ed1daaf7432eabd83ed9d26c9983dd718b21dc0907ebd414f4f23db5a9519a477fc23afb9a42b83c46e18c759cf0f33fdaeb15d8f9dc3f0f8553a93448dddfe3644004e723a6700db8c3a7d4f5a27c7665cac86cb38092e070ab63c824f231301bdcea3b36ecc8f41a0166171bc5214a4d2ea80be8080caef051eb2c4cc664d9da075683a7cb7889e8eb0b805597aee571216a89520a454ed20d07992fe34c77599b01b0ae6bb662fae943b8aeb705bc323f4f127d197535745523d4ad5480ed466fb655d89dcc40fc7098718ee8bb19d2c25d42bf69e4898868718f4808a91aac724f3cc1ac200445bc8cde162f0a2f9cc71a9d1e03b839d801e9bb17b53b557b40ed8aaf153a2be25da9d60a461fe2439c5d88d09e592c946d87f87fa8ee1581b7f854cfa82e527548480cc301cb8d42b4d25b0830d798357faf0e0332b079f775bfd855affff4e105cbfef5a0e2f96e41876fd491d975e69fa8836c877a3ee608dfa968391480a93d46c3c2f27d1334c3d9f82b8376c3030b82186645a77d2bde7b8e4b1421fad3da93234a99370d7076c31a166220db2b7f6837735f7d2650a8793cd5ed30605842516fb38381834ef3e4b3fcaf6c0c416015c48483d71a1b986558023668e36f13f30e41b815a091d0d686c9bf3544f5dd8e639dd5816502de46f9f17f8446cab04a58b7d1fd0bd4b01b8b4d2005f17ef17d1b1d6e846f6f2b0f3f1b308189f91476998f60e44d12ae5399ceafea3e02c9866f0691c3df7259aa22d09b356d63c0c56c86621fb8671ea30cd6ed66406a9f4eea5370e4f9e3517626c9848c46bd658c36dc2b4a7208503692f2acbdba4c3d0d9bf39559d0161938cb9e8069184eb80c41074af8055fc312e6943d4e0973e6f3f0155d3afcd66fbe733ae3c0bda590801e085985816941b7746b8a24a74e7c0fdc002a7d9b4e745ee7c18770d99ed3535edaefd6e2f118152cbc68cda10cbb0a7662e5b39c5f392e1a9fc5a4870ea7783189a6ce2549c4a34e610ee559355b4040d4a692efa8e8547d5242491e30005de3fa4cbbf3876c67980436cd5753d1497a3b044856a7d660c9f70482ffdac2aa2cd3232bb7afbe3e8c599165f5df1de824ed104e2abdc8042c379af0e6af9b3b1458c1ab96a2d09c698bb525bed6d4500e75307dcc2ab75a64b9f6f1acfcf67d65195ea080c1feee952981bd6548a620a3ec1780c6b3f5dbe6a82dd79f18f51317e113789c6c74a10969f7acfe86d5b18beaf55f7abd5717e18ec38fc351bbf2b6f1e0ea7cb1a8cac7a4127cf53c559f8451b8d27df728190c236b7f05ad197b057ce323ebddd5e432789bfc56784657c0e5552ebcebd0c17d66d1e876df527fcd69dff8e8603932599e1689a79290c0df763123f903c453ef638309b834c87f8ad90cb402666c026ae0731d759d9837d14378720c9b00a93c863496259aa441fdfdbc8797498b895d786410c360f0872fafaa3e474f151740c3c174d509d22c2add03b0e0fb934fceeb6ddfe5c33dffd8ead927ae75e8ca8de810fbef6e212c08e0723c517c4543a885bfe7709d7a129bd39ece0facd03d09c5aa0bb779be3faf04d0659275068fa995926bda699e651aa9a5f2ebf6169672a59e650fbf4c4238ee0aaec7986164edcff503f962a0a64627d6dacdce27ce934b3059395bc98b7baf9c2bdace2dbb0cb8e026cb42bab56e9bd5b33a0416a082b2e2b34a0f85885e0ade5b8e7ffeb756bab4da5c5cd243942aa3dbcf571fac6d3d5ed32e3813afc838fcb28d3abb39bf79872a573543a57fb456a80277c453c4f2514dbb48f1f712c0195a6325b12d65a553d6a2e1a51ba3e2b159e7d178a628231deb1f6bd92110d57dd0870cf363784fa91ba931491201d16ff359c94f11a210348b0fe52121f925a6ccaf1bdc81cec4b6684fc0b89b680c29c9e327dd0f3aac07bec23348a6e6beff567dcdea5d969a2b9fead462e32dc053fb225b7932c74486791b76a4b3bddc553c95bb927f2227ca5c3ce40f5bb7686cd7d97ef3c61ee3c0a200f0e005c0a4c8569cccbcbdf8150995a1e07b6c78933062ded0a913643a90803ec156d29681147220aea61f097a5fe13a20c11073546a5818e697df46194a782c184f893575141f8c7722e65080b9541083d79700810b79a9b554c75d2bf98dd771b0482163d84285d75cf7cc5feea8c602a0b1dc68efd64634e62e93368dcab5f561728482db99b92003d2443eacc47eb02bb89841f977d34c5fe2c7fb58614f72b0d3ec0d857259c5cbbaf1152da929a81df2657197b268afc41907035adc02f302b5982493c0136fb13b889fbdcb1fb3ba775691fc46a693e42b20580f00a8bd008cc0317033f6b5ab471e34236b3c58757d9e960303b17d851f683323b9cb5d11173b29a4be541ec19b4bddcb313f7a037bd95e73d7036c09c682a221c00f60202b7148f8c3d7e56052a9f6a56be9dd26717b3c74ff69364518c5a8e06fa08662f9fe7e0232f07a4b84af3c1d43dbccbe96b00b50e2edb446b63281d9f3afd90f53479dace647d77161803d51c4d092261ee4f71712479c78dfaaaf1339b84b8affbcbbc37d5644ec3de94811ea278738f69d275eabf1d9cd7110a312dafd915ff4f194f486b28e851f5c4e25b09792172f8842b587e91e1890ac4362e9f21a9f30b37fccfbd719dd2abe5bd9fdbea70fa598497e7b918b15d95ea58bdd36f8d5cb4dd461845399f65c7bca73b831f1d0015e3024c9fc45c64d5753bf33505e7a6fa24463b21f8eff54e41f9b727a83f8792364f288e5322efc48539b8e658721e93ad8b5f0a5eecaa061ad420b9571434eebc4431a1f511827972f70c1e18d91e34dd07809bbfbb6683f8f051c54afe11a616b56dbb0e44069686fde1d34bbd27e3b7862ecaeaa723ecc3c177ad32b4687e678ff8bb6f0ebd59b11be90862764bd9ff86a37c0edbc82590a904d5a795bfe542713dc64ed24325633c03e0276106e6bb147eb2214bf1ef1caf8225dd4296075fc0d9e3c0656e24a56dbfd2147db389360853a5f4616e5ef9beb28eb93cb7c98a255132fbe4871604c258ef31f1a932874e3389c955e5a180a6a098d62b16e0d464b35d0b27cbe58d42bc22ae2c5bc0ee3a27e8fc8ffb86285fce9dc6e50dfe139f7cb62e3a806573efb9e667c39919eb72505f7976db69b061ebb4120ff777a371f5b84891aebf970aeeac996fd047f5cf839cfca98365bbb9bad19570a2f7a51d42986411b1e9b6348d07965c71c430629aafa72808c4634a11e973736abddae506659b871f4e1edfd26daf457b8d0de3bd770174395cc417da76eac98dff913f8d36d0605812a397931d3bd725a7c56590456af72d36e73779b0bc10cc179bc9335a069caf29fcabda7fc6d2870fd22e25576ad68d7209b1aac8f4765bf30aa72ccd6d825c09402d5a373769388375b20ac571cfb31b972374c162c15b7bb861fd41169066ffe2be4679bed57a20201cdfdc355d1d90c7d85c35541114dffc46b8c9da759acfbc56eef037b9e035ead35cfe53f0e6762303cb9467521d2da1c33b7910d70cc5c26e355b417eb4c4bdbbb72f47ae696b56d28e0dc99985c34a426f57f9617f0891beeec0b93c6ad73dd04f4b78695ff3d37d6c35372dfea81368e0fdd296ec8dfe2c206a6b8207084929ff5542359d2a223f992971e42437d14f95a28883edac53c025f35ff90e5b0721db3cf246e45103056cde1b5d7d4c5d23209e99718db434d90ab57dd40473adca842e012a8962eb74491d243f40ee8fdad9945618303e9de2ca0d3f40405b89ae133b9925a7eca254f2f1dcf74e7af4b38849a7c4e52657ab039c3279a8169027242e8d088f739f64e423cc54ecc9f10a00a041a381b2fe87ba60a317aa5ae84fecbd2b38d4847e7ed5a83cff736a6b4c0658d2db16eb387bf2fd960094a46be55cf4cf06889d6c63071b76585f89397108b2571393e6ae13053c2a256a740d722b5be7f4e7a758604ca5a5b73a7e76aa967d7608dec3e39d53c3f8d037da2a63c86a64bdf0acffd9d0426a52f9ba7a4ee237f6f0e5243510dc2299523c29f754ec925c1bf9a9560e91cb6402e0b37859ba3f5eb430aa85900d033a8d21bdbee7d2d7c69235e0fe46b28e28d891ef68b4202fa510789842bdd1f8529fcc5ed24d51db089f64f4466869a4d6bd4fe19b06d4f39bf1485b8445623ec8f2af13e09508e330d4fbdc5dc16bbfbcfe9143dfc3813acb3c328c1f69d4ab064354cee816616b86cf258b74a940bee70f0aa4f2050d5a4f774214b1c8b61d016572f92c7601881895f6ae1ebd3d65bef18c4d066926639535f66b4bb2dcc5f0f0888fa6195d4e1f74a45bcf0a48595d4f0556bac63c05d172b4a3fe4760846f95fd1551c3a8ea6e5c7ef", 0x1000}, {&(0x7f0000002500)="1bb2615fde9ad55dce9416173b31b353521b12f17b776317e29e6605c4bf6c32ea5cc1f15866c66bcd5f3cb149b6844cf4af7ceda2e93b79532a8aeb80417e1c54421293535269fe5a56ea320241d2eb11e003fe0db0958097265324aaac7dbe743dc86d79d9e77ffea6ef64bc8b46c5bb99de51847036643c73a80524b50f1237d9c364f0c4701339264be8920a56886d983b1724f0e63e1825544af1df0687708ea4731e499c1bab783b70db37e3eb68fff376a94430530a68ff763f479a4ca83145fd077aca4bfa94d0dbc4e5912496fdf67181c743a87b37c14a985d02fe6a91addba7999b6b9aef19137a2e3896aeb610", 0xf3}, {&(0x7f0000002600)="6a783673ea5f73322d3ef9d73e3006851681c7bc57547b76dcaacc7cbcaba59cefa5a9befca0ee0262240bb8a10b851388ee3d54d7a570a5f0bff58cb269312f897b294caeb727d0bb4fa7502224d40d92a251b3b77729ba16bb5ce1459035f98ef0a4a636f50100ded712b6109ea6b29fb8000635a567fcba40e80a618a0cef27b0a4bf668afa1c75627bfbc7e9880a0cda5927b6b2ad7eb6df45e0abdf3fdf429e8fa249aaf877757e6bfb22590daf32e839692dddce1dbd250d9a8a6a61421fbacc356f8bb441bd7d38d3d3f18f59b2808dca7c842f849d", 0xd9}, {&(0x7f0000002700)="5b373b10cb597f08e48da1a1fb4d2066e60aae7eff56552efaea0c8ffb4daecfc7f9ca29ffb12307e172cbc4c344851ea7bac9be2a3f1c2d", 0x38}], 0xa, &(0x7f0000002800)=ANY=[@ANYBLOB="10100000000000001901000006000000e62e02511bc236664ab306bc94807c0c2e56defd1e6255aa2f2f841ac12906e6a85cd0349f1d6260497554ca7c07d4de9349d94078f9f60c46c395a0aff479f0472149377ba694a4ad316ebd40242b0b575d84bbbd7226b55331f225a88c1509c98256660bf965d32ea59ca9fcb9f1d25af50fe071af417e696a12f8e86ad2c4836004e41237f42c9a0a225873ff31a9dd9df57ad44cebca63865f6ef92f0aa22fc90f8c8ed78a4bdc3263d507044348c11d61bb992b17fb07781717255862c6beeef436cfa13a3e96d597fd9c4bfcac23047fcbf07698f82968e55b7e0bfa95bd187ca978ebca13176bdc5343e6436744ab295f77bca9aeb02b43789450fffa1235a81ba3275345dc67c0550d36e88d19e1c3d32de0a7c78be1b0fc2d1548bfb5aa8da048b6bf57a99ac131f668c3a152424ce948194b9af7f72c65441be13e56c9bdc3a0ec2c244a409bd4d0b67a90720fdda18cf61c714f7aad2a68e6c01ab0011b805bac7488da5fe994302d9f9df807d62d0b7b9e559324324f122de87a4e8342be98997ffcce11ba351dbc776467d513bb5b3cf10ae8f6ec68e8a9f9c09981432c6fd64dcaa1763d700ca0e2a95b2fd04432f6d4458bc43cc46014f36bf965ddc74694478c5e8373df00ad626ea11716aae97d1ff01ddbb643dcdb2a3e4bb2a6c976e8ee0d77946307b48bba2d7ef682a98746098738240667bda429622110e098ea2cfe672ce8ff176a24aab27a9fff24a0d3acf10415a01c8d4846b3e798e9a760ce81a314ab479706dc9448160ad8878a5446baa55769882ac192c25276492d5c13de0fde7c16d41f0dd90b7e72f7a5d04b7cebb45a50ca42938360bf7560f964c25c6724563642abe5f2ef708efe3ae3b056a4b85e79aabe361448fac83b754b6edce7cbe8eeaf56e70c7cc427c4bab88ea5c6c064b16a2a97adbe86b10c8e62f0e19f3c56b42c8c13b4501d1e3c009f958ba1fb949be5fc22aaac2bb296db3d98ca03ea276e387d51e74d6008464e778712b1f6717c5c49d272fb403329430d8507db402c7b1561b35294d6025d37bf2ee9f68d8310811292e5b99cfa0e6b01edea7f82cc7ac3012706df43002470ccea69a16ed6cec5da1142c79c133d6789f56ab86764d91ef9c7aa0bfa06c6a20171516092b4517355685d2681abac6f6e28d76d7cd5c1ea06c18e3a22f5aa241f08eb40268d9bcd2391595274b05d002a219c4182488dd90c8ae748d5526358f3a4a899fe2f46f0a308ff3e798f6f1381d7668b46b2838f9609d3dff84d33ca3825624581eb65a6e4b3f0065b388220a42720ce635298857e623019ea811d134c2e6451389e98ad131e6500e428cb139cc0a2b301dfa257dcee5d271c76816666cc36d1a2c7dfe7f683e1c2b0a69919c137dabbe2615766d4e892b1e7a81cd33ccd1e891e6d9b51622c54c8d1470ffd1a688a19c6d2b50656571da9f6605b225e6ce6505c4a120e0b8e8689532300d2d33b8b80b719bf4ce5cb2f1e7de0ef1992c7401c5f30dac20d063e3f6f02bb515c2ef047e23c3b987cdca0822de8685198d049e84e15c0ede86dee77393a60cfcfd1828b3f4b2e6e7915966ff3913da547de09352b2aa95c5aaf9f92906d593fec3cbbb27285ba9b375eae57a802ba30a5432adcd5740f966da5e750f5cc6d40a343a4d43c26bbb123cf674a56257a16a304e6952e5db75be1e586864f2d2c02063b9ff35073824903b8d6c3798fe70227e4bb6bee772b1033c3ba4516cbcd6872e2905d965d7f6e8cbd4445741bd030c680bd8bc771c347477325e965143430878dea3cc51f0c31dd0327e963b74332a8c6943cafa2104ed0594145172edeac0aabccef97abc19a21bd84f706b06cd344b909317ce1fc9df69fc66f52a723fd9e9aa38149da463b755f9b1542cd3a7a8046257dcbf2be4d2a61963c7d3b536a3e8350ccb5c9d8c215ef4d32775daa2cba3872f1610e11087fbbdc328230f9c79ab19670990549a22305ba9a99560f5bb13d9c4d66c3f80f0395842f02547128587db1a6b2965e1558fbe00a45a0f18c498f84ca62d8f4df437c22dcfbb326a538404669debc36c3e5c92e5cd9b38520a7aed59d229663255203f75053e9a268da8d70011e7206c11907a2b2934995058ed4281148fc0364217cc39f7df73b7558e64e21de60f642a9788c106b8227815eecde23db5ecc205042040c122fcae0f24a79961c52faec3c2e805ebc99954478407d6fb77693b81e0380359e9fc92d0a1e75ec93d447d0858850ad176e7a5fcabc23c1eee52ca968ca286d5c52cb54e30a60ec5080f914a5480b8c9dd85eb2d625d4ad16c8d8e4509b78a155772f7d6746b92a0b215af6d3aeda5a1271498b8edbcef6a174c756a962452a9d55a86c89a1857e8aa25c74eba417b2186ba609f9a265ffbc7383468347731944a56fc05ecc1ac41690466ef4d9eb156d39596d844176729387199172845bbec933f2715c62614722dc329b84005a9f520e1948ab046a45752d0974670157987e008a394932a9653804ad263389c719c5f80ddf793f7c7d7e95bbd72830ffdc3d97852ebdfde02f965ea7d0d827067d9bf932f1c5adb6680d47622db0f67396298a010827099d13cc36e420756248f4516fd08fadc8a93d5d561b8f43aa72b5c24c9e02ecb5f9e9e1fa1609ad8fb48c25a084731b7746108f60cec96de68d23bb7b85685ea3156c58d762faa2d5927e51c24a74377177360c07be50969a1d2c01366ee726315c17d0e7b03db6447787f7d7d028b3af1f507148f086d681e195ed6cd6e48c496e1bc995359835d179ea77efd229f9d1bd7cd22899c529d10c6d456700f41f1ab11077dd293d972d1ef514d98ea4aef9b0c80b1bec353009305df4c33672c55cab1ddcd3436270470b9d386f8dd3c8cdfd0c3d2de3f1a35665c3cdec9d451fc0a85a3ab458a0a0568cd88fc2b82ddd929b02c5fa84f9d3cf775a663d610c7f35afd4db14087b3553a807dfbf8f90dd501ae60fcf9a069c3802c6eb8ce42976fce9879d5398c507d0badd38eacdfdefcbd9d548ad1a674cb19bc6bbef8177bd940d6262894c0bf7ed4449bc50bffea8db12cce3eb8f80fd220b311e1af05593ad5d0a0a53d843d9e648359b7c9539a449f34afdfc901808deb2d4d9c22cb333139b6fd16a5d95cee10e7e6e4b1eac0a61f685e3a1798634ae72cf62a76d3a6fb3fcc99d4cbc6d74042b1fdf8ef28fcfee0053843e33d29fdc57bb4abc45184534773a6a678fd7da48bb48c99acc30152b5c67905f1ac6a9e3615043a830ec9fe391149d849bd8ca8f6bd3fc2759218695323ce15346cb25fc14560c8133158f3ed9bedff89608fa2e6fc96880860d10ea7b2501e488707d8deb270769f8d9c286b553ebbdf6ce8f6452c7bef96b5e68f379681d592bc0f606acf875be188afbcffa7033ef7df38e532e37bfeee1462573fc1baac4b7fd016b846ed3be58e70746efde03c80b04e245165ca0efaa9e1d3deabb6126e21cee4c9c0a81397e82ef9e33d44514063da7bc6ad7745e36472b7a232acfa033ca7b5c04c9faf3b37d501fcd4f5c459b1c5cc72dc492ad1ca4abe7e908d05b7eb40792302d554e7619c12c05e13a347cea1716634f931ae5f9c76484e8835aed6559bbdda8b59f7f5979844625fcc6f8509823ced93f15d22abd5d5f643c3649c5a9d7fdb13afc1c793c38a5a9190b90ddf843f2292f9a25e20e40faffffff2dc6112a8c638c9ff34c6abc0757f94546f8b8892a2497953cc0a6c093f380ceaf9a24f52720b35b3e8b1e104db31d75facc1783df3bba2eebf51c96d2c06bb7e951c306ad957521fa607cd448d82fb240ec50aa72632e634e3537222dffae9dcea83de40b02e98418219a07c5880ffaeceaeca92ad4f44f366d4ec8737b82607b52ef438226c7f5d5f3dc38dd86b41cab2bb8c0a5c01ab9f25c5863ecb03becc5993e68f84bde8203af5109f2f35ba99f589b4fc7cba9eb871a62b47602decb4c84c8caea3d12c0ce180d63d35652e0efbc47673a4bf4d44c89ba700929c7764c2cff0af33081ac5041ddb926fd915aa3bec9d5f6dc402d8bec674d8b29e84ddd30b950ff3de575b26b16857b714b69a4080ecc7355fe59cf0877c62497b7140cf0dc19d96eccc781dca438d430771ba6792990c924470d7dc520514c2f0763401fc92cd9ebbded437b34f654b2b801c0e48032cf1616fb2e0b4bf7fa4abcb823bd793cd17acd263c11bced7618bca56c5e0d90accafc54e280141370e2e13abbe2f199a19f930cd9313d4839a76b00530aa51e7b4214a83cfa67d954874b6b19ad973c2f797f72a1faa24741ef7846f0a8df55c5983b892020ed3cc4531a3ec58ea437594905286d76b89689bb17e409f44033a15f9c4808f993318da3f686ab6b184b31343fa8519ca987bf656f6292a9f32dcf85de9d51fc29c7c1f759100faa50f9024b2ab6464c186d2ec65e6537f5471d9f9358cb6e7acf9a6efecb39cffdc3ec7528f47db3498cbeec215db065a414aaf319849ef23e39039c1066c1e05051264104206387b9fec6fb653a98403963bc550886e3cf52bb3bda2d7ee6c8d10e0c965cb5094798c7524ff38f03b1db47a460680f0ae7e3d14fe1f6e66b3f915435b060253bdf019061c78d58dc07d265d0d45bcd7e02f6c80f09a45f5551161053b3f0630f09b8cfb0b1833a8b576a570aa05dddcda8d81ccf46f08d46ef2e8deb58ae1d53aabb28b2c4d44d0629b137ce0c4d983c96bb3f2b110c1b9237f838c3596855713ce43270b742bfa1b2632bbe0c4bee3104a9ff9538fa5134fcd111ec79ae08e14da3051bbb1da0f868aafa18c5ac37b2d0a9018e700d91abe9ffbf325bb25326e47bdda3f0c1dfbaf61665fd3869fd41076eba96e8b397aadc64af07db74c6d4e0d0f85f002e6b097fa92547038131ac4fee0789f0e4b218c8fa8963f93b7d394ee6d836ac269622efd79e816194b68512bf5fecea06079bf48df520122d3090e68b1ca68058128de569211d59f86da3000052dd91cef099fbd1fe3ebc924911f937ec1cc1c2a61f39d249e069c9ec911a54b0c9fa6e3b5d49d1a629846e841ade65c692e80396f9a5fcbe39b55403ffd3becf9895a60f08e81a4bd96e9f5a726ed30478d37c0c6f9cdc16b3056e10916ca4be86f802add94f49a05b388bbe8f2ca7f14185b04142dddb26d684b43729023adfca6fd55c65870de25362cad5a429883f8b4a87f19a9f2a326191f7fa5b2077ac6b46e7478a250e62973178114eddb1f679fc57162a54d0927e8dba1218d00a97ba565a3f7bb4d0a327932d3778f9685c36504f49ea0e0f1829f65106ecb31e814635775f6520b2c313aa561269cf9e7e4b0d48b66d400838e83a96cc23cf208fb8b7e61af3dd368f62217a5cf45cfec74d43cb6731d25f8d544743761963b572c64a40a96ef147dedf3d1fd3342ae2a600bd8a71ec389075079293796bfeb0b5a789cf6fd68af9326e99db8fe20064209725ed8216db4eeb20353c1e5c6836e30d1d32d15e85ad30caa4697d1a4a3c546f0a328e0543a75340b8165966684877383212f731706ac67e85a107e2e42beca49ebcdb8517bedceea1fa066b6068b45097661a2893d7ed8ccae769364053e864ad0689faed51cd6fe21fa916f8dd472e744e8c12fb66bc0b2d969b5fbbd62552d8f752a726afe868d4cae00821faf6cc43e1fa33e9cd4173db4978eb6791c172071432557c86affc7ca79719d8893566ff"], 0x1010, 0x90}, 0x2000) ioctl$KVM_RUN(r4, 0xae80, 0x0) pipe(&(0x7f00000000c0)) ptrace$setregset(0x4205, r0, 0x201, &(0x7f0000000000)={&(0x7f0000000380)="1f3c41851c78fc95f1bd71b0b63a052a3a620f01069b1013593cbee75fbac4264bcb24e69923474d69244ebabb3221e5dc35b1458fd8d293835b0ffcfddf9d248798b0f43c7a34c4eadee0d8c63feb979b59db11d55037eb0ef5ebeea998b83484dc81947cedb611514549637527351117b31cd1df742b2a68d80efaaa6eed7095e0ac569e62b273af333f2bf247d53b7f59adba21d2be3ad98df5cd0e984922030ec198f66df857d486d78a18790c15c3518441b0d2dc4f8bea4052827362b0bfce5130d63bfb0c98c1fccd74a73f11f51f894b016858538553c5f56262191e5d2241c9b60194a9286f7a1b2b9097cfb823a607a77b6c473852e79b712f052869fb9f2cde411b73b420a211dd12d5f8319186f59254efd73353739a2123d136a2ca60993e3992d9c5d83133ac24aad96d02fec1c3df3fe3e79db3aa01a2e1dcc28bafdabbc13c1345331e0b517a0346d7b7c888530fa3ddb55cbd4dd5d6a11f3690fc028728f7b883b93b358a417a220d0a38b0a0414cbfb1598979748edaebe647bca551aca1fe042a58ac171d99d4685b98eebe778abdd3cf5ef0571502b177d7f84f448b5bdfe8ff8ac88345c5eee9fef3adf434ff1ebd21a782817d533abac9db87ee6ae3952eb3f2bf289db9eb7c13fb0b33349cdfd3f2257466d146318e5382e8d696d9306dda277ae6d26eceb3bffb390f967ba6748e5a488c4b7878353c0b6de4f0f2fb9b24cb808c42eb4e49fb6829c9bb35edc2880bd6947cd0803815a5a3083482ef3ea7b35f12ab80419e397e5eec437042a4d2eb78ba1b1138a3755647b3bed0dd3209f774d538f5bb0b266abdbe60f19642580a9c481cc52283183ce50050a4949b260c7388da01dc824692039e983b51f541a19af04e68c6ee31f0d1d4e88eb6e4ff1444ab9573b620978c4b7e244025591426568cb541206d194fd469f33c759cb4a8252f42ac9d0a53e9cea07b7769d5d4ed34603b794aca6a926f9baa45506406841ca9b78e6aedd69abbfc1a954b6d3cae9c2e160d4ecb28699a6ee5a74c12121e18bc3c0dc58b3c0da3bb94d1b3bd63a835122ff472dc7458f1a608ed502c4b1972c298613bcaba7dbc40c0407de6db774df3eef3aa1c9a2c3f65c5c8cdafbf56807dd48ec59fc260a70c60880843039c15c22bcadd64df02345f81ec99b21eed160852ebca5b497dfec31f06092f1aa469a3da615fb6aa5349ffdad3a5b7e56ae8af1e15f7b4090ece39ef27d7e80ec12d975911a3a6e2dfd03c3071002926754ebe9a28d5c8edf2b3b113cb765497a916e68d713641cf72480dba378558781f78d190fb18d735a1a3e40dd0f1d159017dfcd062e32d075570f69734fb2310097876db5e8755031b33b1e76af6aaed80f8aa83a375b2aa7cec679e189976c6e9c6bac8ea76a964172811f8a37b1c7102762ebeed859d848b522f1674b9b2472b2c7bd81ddd70cf214c26a627aa71d3ce9af015d31c05a5426b2623556e31d89ba0ebacda6fbd18a65f7302a49bc0d433bd52c4061c1822ab363de590f5e26a7d82e730fa7e9d5f1812cbda2760270c67796280ca200667b761efb51ba12efb9a31ac8f28aa5b1fd41d0434c8962ec2bbfe647f9e4d0c5aad1603bbde667e9b6ed3d9189bafdd2540cc13ad7315d2149e3069d0d2cb4b1f34a57282f1fe7f4c0c7f4fdc487d5dac8d31a9ff507ade6315679596b37f31141aa1f388a16c18decd8a58fdade429c00af40932e8293cc4abf9c6dea14db845d4ef1c409d4ef6bf312b8d1e39c30d3ff5fa10a7c371ad9d1d757bfbe9578ff939811b4d6e3f2fc49731b9da5bf8d886522ccda67f498e9f7c8b68f423e848033fbcf76cf78bb1f5ef77527e80c1f2a0603f86bc6fc3aadf74c9b6f9fba59827b214441b4eb7aedfedf0f9608a915926c566cb0e984d588ba090b1dca3d6f2f651bf1bb82a53ac417e2912c3bc94db8323f7222f33017ca5488e1f9f394545875e3ae2cd027755844339d3f2453d106c01ba768bc322691bb130ffa4f6008fe05aa04dff462534c02ba782549a2d15c81df7c5798b201824b5af59b03cff27b0f58c0b7ca50760484bc486aa8d67883fe353901a60897bd90b65e36aa153c7099046247a331250b2126a94efb4693aabf98603e8b6f2e69fd518b9ff547b937f8702b4482d1ceacd16ee067714c08d319c1d8eec3f3f99314293021bbe89ff2ef749c302a2a2599717f266c67c78eb6437f0a46263a17831ee9afbf5f4326b6f8cc8dd9e55e68a93a52f92a070a50ab050c30de8966b28b0551baee7e52715e578f57c3fc84b9583b71b68cfba14a61443786542639b267adc6e3fe5dfc13a1def4a1b789d64da1846343bfa0ef75dece6d23c8668c24c884195fdd90f5e60bba33e9f0781a68ce79d9961f9229360a7f2257b74606e319b398e284c75a094cd2a0dade11ab91bb355623e825b971efccdfac1d312d3ca1b47af4324f799c13656e70f6f80df25e9ade57d7f197f7908d5a4f3978f0527efe27b3a66bbff896f516c08f4e6353ef31e24f4017cb12721b0300205c30b7fff34ab84b9f645d5a7d290a63058571d66bb9b91afffe7490a22007cac2cde670491ded1081434bec053533142b15960a95d7bb835b9017160699d70a0100383a709212a7bf8009f43316b117b27c630bfe20ef60adfbdae6711469cfc8856eb110f1f108bb70317e5d03ae45ccd159116f22eedc0a6d2629b5c75068b3c48444fe2fc2d379fa61f0f002bed8b3d17a139793bf5876a688425216e4d3855d9312d774f7605d0158ab2660edea5c80dafb0c54b51e4e05023b8c54d3de0e2975f6442750178c7a11e7d36b0c7c34a67580d541aa289620806c3f0cd72d391eafad61aad8a737fa85fd3a823a43abdc4c5539664d0d494d1c8a76716e59315ff5af3a378d53101a4621daebcada70c2353cac3bb5512217f85b8fb62ab07bad43129cc9f053203c7f0da51477bafbf7c917a6e25ce85724fdfb846573ce73498f936c1177b0cb04d81f9631ee69dbcfad099950f983e3c85313b60bf5850bac1f87252e529b494dfeca6b1d5483e9fe1ee020475e68c04a3674ed6759d47fd45477fb0ed24e2f31141ef6339145c71c7dbe97e749d9edcaa566fd30e1384f666c7f7542722dbaf7f4efd1b9eae1684ea5de948e01e30197629cd2acb504241ef878b1f053131a61b6e1302e0c5db45bdafa5987d6f1070258d044f7237308696f099a352f4b1e7c2c3aa0290d4f47a1ed298707ca7ac07e05052f9239704a8ef60ffe1beb14575299ef2b414f7004c31b3af55e1fb30c81fa12f176f8fbf7ad73f9a7907df4dace3b6db9f0bd12ce6dfbddf0f491f1fb27ccfc67e45de0bb4e66b73f5a98c8985fbbe30244e4c231d728b185ab619f8bed86e322a6524a9a83bfa05451ac98f84112d03cb07efb1a8d828b40ee494299cdee90ea72d81741d07e67fe1d57dfac1c263bba207b74ea05eefa4fb6822dde46572ab8cd4da245ff56ee50ba8ef969e7bed88dbe4893b4a2625a9054a3201995ee75f44b79b366c6ffc6c08596cd634315bfa070e281e57d3057aba0dc5d70308b6cb88096c0223890c91a1c6b40fb78f348e2f3cfd744728d069d499d95e1a6ce8e5194fc929cdac4b4ae7e68277c19192b760d7c9601158a0264b32a3929699e1633ff1f5da98ab95f525575ac2d1e79cd7e0df32da27d2e594b51c904155b3a6a7a812df6316e1b6d88c99bd9fc7115077e9227f9ccf7a3902d8c67d205a4ea225470ae2612277662e9030e81a9d20f51deed80c30cdfc05bdc09a2dea0e09ca2966770eaa85da01f454131798f08db83a5523dc41f1ae8155a5af5bf049a07aaa12deefebe69a94b1bb7675d32b655fd5ca7371961f308e04f5a3e72b1bcfb74e48333544fc4399788e2efec7e1850599348df63a185a7201e2eee670799b80326fa55625649e52b667deefb9e845f81a059c65ddc9ff738a053f6491b90eff089c43c0f4db0e1f2491f77589de686a0383c7664e142a95942a06169bedeb5fbc83b1190b4f99e4bf2b7c6349ad04ace44305cd3b9747502e739567cae85febec4a170fb871186c89e6a9cd7803195da8387d065981e97926553345c47f1863499b8127288b307a1ac08a0bf249f840573a3f0b2e93d627bb108c60b0393e500d8c7e9787080d977fc59fe8d9cec5e56a3438a3f58943b9103d7332c915bf53377f342e91275d2277fe3238e1eb08d19ff95f010c5d72b2ef68d56f33ab9a97893bee1d1ad21935d31fbe336b3d49d2835538e4de1c24f7a75c23589ba5ca94adc7b6011341feda54d65fe9a733dd56223a26f3f78453434d1e8abcd41e5af084eedfc1c5d238e47e33f5d5030ca796daed267e0b1a00b8246ec4f80ee7c6c7aebb1efed2bd11979dee97dc4acd49e567cbabcf71de54139ecdf153675263cf35edb007f0c5a3d9f2f528a41e5a1cee1b28488b57e041814123c008e8e4ebfe77f802a6d405cd33610cd7ab075611cfc32165e139802b56c54d641ca18c2b5b80493019a3da29cc4d136b4f3298d61630ecbf59bf5aeda14d9b56e13d8c746c8d7d149bb9d6401c46aafb13fada66373d5affd0fe0c605ffb3d7c53932f8d2e19aadbc12484c3a0431f50ef0c54a1b78661481feb17d8d7f56e4ca94275087238fa63e26ab81e194cba73bc48285e05ead0a3f7f3c1c354800332503348ae8769012911da911905ffc4945de7397d30bbf86076e0f5613cd9221a21f1d2c4f6de0d226a7a4fb47947536d8bda93ed5ffc3bb159162d2f12798cd40855e64d7c540c21d1330f310a7b7dbdaa3cac4b7ed4d1528ed1ef382ddf325ab95e2d59248a5ee93c6766ff661338984ae7514eef813f5e50bbff9a625e67237399f3b6cd52743b7130d365eb8142b1aec9a5380f9f86166bb0eb2b583fe27a35379283c26047fc77cbd7c77688f669cee557ea1ca50a836d1da35066717af0c092123dafd3be82275c2e867b2085486f9d8b70e56858b50a54faac7fb1cf8001294ba4af4305f9cf27f8af589c95562577075a72a7719d586bad722f56c0ed3cd2087b96851efe351e50e43a52b23c133b3c1a4e81c802366f4c43096dd433c80982d1076ba9157b48f92a355c9855865e3ba5474b16f201869f475bd66bab0831a5289a26b23dc49b150884e9d9767b3b323c6fb67b00195587537e29063991c9979dd06cb493176009d4b761d4075dc606c33312b0ddf557681e24d4d831a632ad19fcaaa03d300dcc963750f5436d41e2d81d99fd44ac5085e604b8739618012d756dfc4f8e063154c41d4d6787999053809feba9d353580c59089948ff52b3d1556115a7b15872ebd6b2734925f716a3e201d139a0bba887844cc884a1eafbc8e7f12e997159e47dc7f9931c1eb3990062d49c035eb92a1499fcf3f37794b2eb74e8efbb0c572fabc9b8d951d3e7173840b9f085effc417fafdf77ce06d043c96a33f85c8a26bb33ed8728bec3401caa395869b3c9009221d020a4a84197fb66aede41aff85cb9a5b893164a28f4308fab126bcaa930865e6988871b29aac3eabaa670e08cdaaa6e8c5243be6321cb46c758c8cd2a730cc245aed97bf6f92f8afca141341b57440be1667742630b3a1f0c15385cfa545e3dde0fc424fd99548e5f2d29bace78bc81906281761dd2c44cac4a3f4fdd5ff66982a34fa821e5c6ea780afed5e63ab958726d413192e6a302c0d7a073f76c570d4d341996bdbeeacd7135760cabd18e0d73068f79326b9033d7", 0x1000}) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) r6 = getpid() sched_setattr(r6, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040)=r6, 0x12) 14:12:19 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:19 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:19 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:19 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff0000000000000000000000000100000002000000"]) 14:12:19 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff0000000000000000000000000100000002000000"]) [ 434.107574] *** Guest State *** [ 434.124596] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 434.159504] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 434.195266] CR3 = 0x00000000fffbc000 [ 434.199227] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 434.232865] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 434.239769] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 434.256429] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 434.266046] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.278306] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.286803] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.294930] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.303032] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.311061] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 434.319043] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 434.325738] *** Guest State *** [ 434.328026] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 434.335733] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 434.339773] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 434.349570] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 434.355465] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 434.355475] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 434.355482] Interruptibility = 00000000 ActivityState = 00000000 [ 434.355486] *** Host State *** [ 434.355495] RIP = 0xffffffff8117dacf RSP = 0xffff8880563879b0 [ 434.355511] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 434.355519] FSBase=00007f2c0b26c700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 434.355528] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 434.355539] CR0=0000000080050033 CR3=00000000a907b000 CR4=00000000001426e0 [ 434.355550] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 434.355559] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 434.355562] *** Control State *** [ 434.355566] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 434.355570] EntryControls=0000d1ff ExitControls=002fefff [ 434.355579] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 434.355583] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 434.355588] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 434.355594] reason=80000021 qualification=0000000000000000 [ 434.355598] IDTVectoring: info=00000000 errcode=00000000 [ 434.355602] TSC Offset = 0xffffff1440e2f386 [ 434.355609] EPT pointer = 0x00000000a7ada01e [ 434.355616] Virtual processor ID = 0x0002 [ 434.500254] CR3 = 0x00000000fffbc000 [ 434.504834] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 434.513056] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 434.519167] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 434.526743] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 434.535123] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.544102] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.552443] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.560482] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.569205] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 434.577649] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 434.586101] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 434.594578] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 434.602760] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 434.610906] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 434.617388] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 434.624969] Interruptibility = 00000000 ActivityState = 00000000 [ 434.631429] *** Host State *** [ 434.634700] RIP = 0xffffffff8117dacf RSP = 0xffff8880531af9b0 [ 434.640990] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 434.647709] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 434.655846] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 434.662116] CR0=0000000080050033 CR3=000000008b663000 CR4=00000000001426e0 [ 434.669287] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 434.676170] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 434.682425] *** Control State *** [ 434.685879] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 434.692694] EntryControls=0000d1ff ExitControls=002fefff [ 434.698663] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 434.705660] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 434.712428] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 434.719059] reason=80000021 qualification=0000000000000000 [ 434.725424] IDTVectoring: info=00000000 errcode=00000000 [ 434.730984] TSC Offset = 0xffffff144e738c74 14:12:20 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x101200, 0x0) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x3, 0x4, 0xe0, 0x20, 0x0, 0x5, 0x2000, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000180)}, 0x88, 0x60c, 0x80000001, 0x9, 0x2, 0x6, 0x2}, 0x0, 0x7, r5, 0x3) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="b9800000c00f3235000100000f30c462710c4e66360f08c744240000480000c74424023e1a0000c7442406000000000f011c2466b8bb008ed844c169160ab9800000c00f3235001000000f30f0400fba772c29c461cd5e3366b8d0008ed0", 0x30}], 0x1, 0x21, &(0x7f0000000180), 0x0) [ 434.735417] EPT pointer = 0x00000000a421a01e [ 434.739819] Virtual processor ID = 0x0001 14:12:20 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:20 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000000000000020000000500000006000000000100000300000005000000ff000000000000000000000000000000070000000001000001000000000000003d0e0000060000003f0000000000000000000000000000000a000000c511000000100000400000000000000005000000480000000000000000000000000000000000000000080000000000005e0b00000104000003000000c0ffffff0000000000000000000000000100000002000000"]) 14:12:20 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(0xffffffffffffffff, 0x80845663, &(0x7f0000000380)={0x0, @reserved}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f0000000440)={0xfffffff, 0x5, 0x2, r0, 0x0, &(0x7f0000000300)={0xcf9994980514152e, 0x8, [], @string=&(0x7f00000002c0)=0x1f}}) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$RTC_WIE_ON(r3, 0x700f) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') getsockopt$netrom_NETROM_T1(r5, 0x103, 0x1, &(0x7f0000000100), &(0x7f0000000280)=0x4) pipe(&(0x7f0000000080)={0xffffffffffffffff}) ppoll(&(0x7f0000000480)=[{r4, 0x5051}, {0xffffffffffffffff, 0x9404}, {0xffffffffffffffff, 0x1102}, {0xffffffffffffffff, 0x30}], 0x4, &(0x7f0000000500), &(0x7f0000000540)={[0xffff]}, 0x8) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800000000, 0x1918200000}, 0x400, 0x331}, 0x0, 0xffffffffffffffff, r6, 0xa) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0)={0x4, 0x0, 0x0, 0x0, 0x200, 0x0, 0x80000000000000}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x27}, &(0x7f0000000200)={0x0, r7+30000000}, 0x0) 14:12:20 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 434.795062] overlayfs: failed to resolve './file0': -2 14:12:20 executing program 5: clone(0x13102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)='+4', 0x2}], 0x1) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='oom_score_adj\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = gettid() tkill(r5, 0x23) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe4, 0x0) 14:12:20 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 434.895513] *** Guest State *** [ 434.898958] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 434.909206] overlayfs: failed to resolve './file0': -2 [ 434.919165] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:20 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:20 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 434.961986] CR3 = 0x00000000fffbc000 [ 434.973347] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 434.988339] RFLAGS=0x00020002 DR7 = 0x0000000000000400 14:12:20 executing program 0: recvfrom$inet(0xffffffffffffffff, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 435.026074] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 435.040278] overlayfs: failed to resolve './file0': -2 [ 435.045060] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 435.062889] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:20 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() r1 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x0, 'lblc\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x15000000000000, 0x485, 0x6, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000440)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="5f3800000000006d189c754c9ea10000000300000014000100ff010000000000000000000000000001"], 0x28}}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00022cbd7000100004008100000006000000030000000800030060090000050005000200"/54], 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000000) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x4) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3], 0x5000, 0x20000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) [ 435.087050] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.105612] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.125592] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.138284] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.149828] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 435.162216] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 435.172065] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 435.180765] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 435.188835] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 435.195481] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 435.203229] Interruptibility = 00000000 ActivityState = 00000000 [ 435.209503] *** Host State *** [ 435.213684] RIP = 0xffffffff8117dacf RSP = 0xffff88804aad79b0 [ 435.219683] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 435.229399] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 435.242450] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 435.248588] CR0=0000000080050033 CR3=000000008dd6f000 CR4=00000000001426e0 [ 435.255916] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 435.263464] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 435.269639] *** Control State *** [ 435.273430] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 435.280334] EntryControls=0000d1ff ExitControls=002fefff [ 435.286711] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 435.293931] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 435.300784] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 435.307482] reason=80000021 qualification=0000000000000000 [ 435.314028] IDTVectoring: info=00000000 errcode=00000000 [ 435.319539] TSC Offset = 0xffffff13ce40e4ce [ 435.324857] EPT pointer = 0x000000009feb001e [ 435.329579] Virtual processor ID = 0x0001 14:12:20 executing program 0: recvfrom$inet(0xffffffffffffffff, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:20 executing program 1: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:20 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}, 0x6718}, 0x0, 0x1, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r3) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) statx(r4, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r7) newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x2000) setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000400)={{}, {0x1, 0x7}, [{0x2, 0x0, r1}, {0x2, 0x0, r3}, {0x2, 0x2, r5}, {0x2, 0x3, r7}, {0x2, 0x2, r8}], {0x4, 0x1}, [], {0x10, 0x2}, {0x20, 0x1}}, 0x4c, 0x0) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xffffffff, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3], 0x0, 0x20010}) ioctl$KVM_RUN(r10, 0xae80, 0x0) 14:12:20 executing program 0: recvfrom$inet(0xffffffffffffffff, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 435.467249] overlayfs: failed to resolve './file1': -2 [ 435.553004] *** Guest State *** [ 435.558405] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 435.567694] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 435.577872] CR3 = 0x00000000fffbc000 [ 435.582849] RSP = 0x00000000ffffffff RIP = 0x0000000000000000 [ 435.588841] RFLAGS=0x00020012 DR7 = 0x0000000000000400 [ 435.595458] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 435.602534] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 435.611217] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.619588] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.628355] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.636864] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.645513] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 435.654199] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 435.663102] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 435.671196] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 435.679187] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 435.687283] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 435.693765] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 435.702159] Interruptibility = 00000000 ActivityState = 00000000 [ 435.708434] *** Host State *** [ 435.712389] RIP = 0xffffffff8117dacf RSP = 0xffff88804aaef9b0 [ 435.718541] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 435.725848] FSBase=00007f2c0b28e700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 435.734347] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 435.740369] CR0=0000000080050033 CR3=00000000a4495000 CR4=00000000001426e0 [ 435.748398] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 435.755634] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 435.762371] *** Control State *** [ 435.765860] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 435.773461] EntryControls=0000d1ff ExitControls=002fefff [ 435.778930] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 435.786701] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 435.793903] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:21 executing program 1: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:21 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:21 executing program 5: r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write$P9_RREADDIR(r0, &(0x7f0000000080)={0xb}, 0xb) 14:12:21 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) socket$l2tp6(0xa, 0x2, 0x73) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000340)=0xcf) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5d1f121b", @ANYRES16=0x0, @ANYBLOB="000828bd7000ffdbdf251d0000000c009900ff00000004000000"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) [ 435.801197] reason=80000021 qualification=0000000000000000 [ 435.807594] IDTVectoring: info=00000000 errcode=00000000 [ 435.813897] TSC Offset = 0xffffff1373c9c6e5 [ 435.818252] EPT pointer = 0x000000005c33701e [ 435.823728] Virtual processor ID = 0x0001 14:12:21 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'\x00', 0x1132}) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 14:12:21 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 435.904868] overlayfs: failed to resolve './file1': -2 14:12:21 executing program 1: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 435.983729] overlayfs: failed to resolve './file1': -2 14:12:21 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x84000, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0xb}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xc, r0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x6, 0x20, 0x64c0, 0x401000, 0x7fffffff], 0x5, 0x80000, 0x0, r0}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x2001, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f00000001c0)={r3, 0x7, 0xd62a, "ffe8c83eed1c1859301a370451abc3f5b1080fdd"}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) link(&(0x7f0000000240)='./file0\x00', &(0x7f00000003c0)='./file0\x00') ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f0000000200)) 14:12:21 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:21 executing program 1: mkdir(0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 436.111703] overlayfs: failed to resolve './file1': -2 [ 436.125012] *** Guest State *** [ 436.128425] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 436.143672] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 436.154534] CR3 = 0x00000000fffbc000 [ 436.158433] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 436.165871] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 436.172501] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 436.172511] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 436.172525] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.172538] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.172549] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.172562] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.172574] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.172584] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 436.172595] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 436.172603] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 436.252007] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 14:12:21 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'\x00', 0x1132}) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 14:12:21 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x0) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:21 executing program 1: mkdir(0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 436.260141] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 436.266774] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 436.277778] Interruptibility = 00000000 ActivityState = 00000000 [ 436.287638] *** Host State *** [ 436.293880] RIP = 0xffffffff8117dacf RSP = 0xffff88805507f9b0 [ 436.299980] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 14:12:21 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = semget$private(0x0, 0x4000000009, 0x0) semop(r0, &(0x7f0000000380)=[{0x1, 0xffff}], 0x1) semop(r0, &(0x7f0000000380), 0x1d) semop(r0, &(0x7f0000000380)=[{0x1, 0x2e5}], 0x1) semctl$GETZCNT(r0, 0x2, 0xf, &(0x7f00000000c0)=""/124) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 436.321522] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 436.350720] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 14:12:21 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x0) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 436.370150] CR0=0000000080050033 CR3=000000009ed5c000 CR4=00000000001426f0 [ 436.387969] overlayfs: failed to resolve './file1': -2 [ 436.409753] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 436.432815] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 436.447026] *** Control State *** [ 436.450720] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 436.457491] EntryControls=0000d1ff ExitControls=002fefff [ 436.472917] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 436.479975] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 436.487790] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 436.495644] reason=80000021 qualification=0000000000000000 [ 436.503717] IDTVectoring: info=00000000 errcode=00000000 [ 436.509519] TSC Offset = 0xffffff132525d95e [ 436.514944] EPT pointer = 0x00000000a7f4001e [ 436.519444] Virtual processor ID = 0x0002 [ 436.637126] *** Guest State *** [ 436.642963] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 436.652677] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 436.662655] CR3 = 0x00000000fffbc000 [ 436.666486] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 436.673804] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 436.679908] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 436.687825] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 436.696403] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.705293] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.713959] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.722791] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.731574] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 436.739595] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 436.748729] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 436.757452] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 436.766410] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 436.775094] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 436.782586] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 436.790114] Interruptibility = 00000000 ActivityState = 00000000 [ 436.797194] *** Host State *** [ 436.801306] RIP = 0xffffffff8117dacf RSP = 0xffff88805064f9b0 [ 436.807508] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 436.815073] FSBase=00007f2c0b2af700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 436.823714] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 436.829731] CR0=0000000080050033 CR3=00000000a6121000 CR4=00000000001426f0 [ 436.838567] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 436.845741] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 436.852052] *** Control State *** [ 436.855539] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 436.862540] EntryControls=0000d1ff ExitControls=002fefff [ 436.868099] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 436.875346] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 436.882396] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:22 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x0) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:22 executing program 1: mkdir(0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000100)="0f018c6b4e260f650966b9800000c00f326635004000000f30b899028ed0b801008ed00fa10b6bc136f30f5e350fc769b8", 0x31}], 0x1, 0x0, 0x0, 0xfffffd86) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100), 0x10) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) io_submit(0x0, 0x0, 0x0) 14:12:22 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x50e, 0x159}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x70, 0x6, 0x1, 0x3f, 0x8, 0x0, 0x7, 0x44d64, 0xd, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x4, @perf_bp={&(0x7f0000000140)}, 0xa050, 0x8, 0x6, 0x3, 0x4, 0x5, 0x401}, r4, 0xb, 0xffffffffffffffff, 0x9) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 436.889150] reason=80000021 qualification=0000000000000000 [ 436.910581] IDTVectoring: info=00000000 errcode=00000000 [ 436.916280] TSC Offset = 0xffffff12dfb8219a 14:12:22 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(0xffffffffffffffff, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:22 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) r1 = semget$private(0x0, 0x4000000009, 0x0) semop(r1, &(0x7f0000000380)=[{0x1, 0xffff}], 0x1) semop(r1, &(0x7f0000000380), 0x1d) semop(r1, &(0x7f0000000380)=[{0x1, 0x2e5}], 0x1) semtimedop(r1, &(0x7f0000000100)=[{0x0, 0x3, 0x1000}, {0x3, 0x3, 0x1000}, {0x2, 0xf840, 0x1000}], 0x3, &(0x7f0000000280)) [ 436.941381] EPT pointer = 0x000000008aeaf01e [ 436.945972] Virtual processor ID = 0x0001 [ 436.960344] overlayfs: failed to resolve './file1': -2 14:12:22 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:22 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(0xffffffffffffffff, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:22 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x5, 0x20000000, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5245, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000100)="0f018c6b4e260f650966b9800000c00f326635004000000f30b899028ed0b801008ed00fa10b6bc136f30f5e350fc769b8", 0x31}], 0x1, 0x0, 0x0, 0xfffffd86) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100), 0x10) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) io_submit(0x0, 0x0, 0x0) 14:12:22 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(0xffffffffffffffff, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 437.118809] *** Guest State *** [ 437.133928] *** Guest State *** [ 437.137341] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 437.150116] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 437.165607] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 437.177583] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 437.195325] overlayfs: failed to resolve './file0': -2 [ 437.201982] CR3 = 0x00000000fffbc000 [ 437.206363] CR3 = 0x00000000fffbc000 14:12:22 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 437.216623] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 437.224832] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 437.237416] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 437.244391] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 14:12:22 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 437.261890] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 437.271794] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 437.278816] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.297123] overlayfs: failed to resolve './file0': -2 [ 437.302679] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:22 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 437.326778] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 437.348678] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.363318] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 14:12:22 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 437.395330] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.405021] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.437734] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.442484] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.453937] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.463308] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.480912] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.481210] overlayfs: failed to resolve './file0': -2 [ 437.499020] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 437.502426] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 437.515092] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 437.515102] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 437.515114] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 437.515121] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 437.515128] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 437.515134] Interruptibility = 00000000 ActivityState = 00000000 [ 437.515138] *** Host State *** [ 437.515147] RIP = 0xffffffff8117dacf RSP = 0xffff88805356f9b0 [ 437.515163] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 437.515171] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 437.515179] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 437.515190] CR0=0000000080050033 CR3=00000000a5293000 CR4=00000000001426e0 [ 437.515201] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 437.515210] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 437.515213] *** Control State *** [ 437.515219] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 437.515224] EntryControls=0000d1ff ExitControls=002fefff [ 437.515233] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 437.515238] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 437.515243] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 437.515248] reason=80000021 qualification=0000000000000000 [ 437.515253] IDTVectoring: info=00000000 errcode=00000000 [ 437.515257] TSC Offset = 0xffffff129e8bc598 [ 437.515263] EPT pointer = 0x00000000a0b6f01e [ 437.515270] Virtual processor ID = 0x0001 [ 437.597569] *** Guest State *** [ 437.606256] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 437.617576] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 437.620321] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 437.628133] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 437.642776] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 437.684555] CR3 = 0x00000000fffbc000 [ 437.691921] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 437.713169] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 437.720291] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 437.730314] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 437.738034] Interruptibility = 00000000 ActivityState = 00000000 [ 437.740340] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 437.746736] *** Host State *** [ 437.757609] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 437.759733] RIP = 0xffffffff8117dacf RSP = 0xffff88804aaef9b0 [ 437.764214] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.771645] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 437.781878] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.793999] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 437.804410] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.813446] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 437.822767] CR0=0000000080050033 CR3=000000008a147000 CR4=00000000001426e0 [ 437.829916] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 437.836092] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.838563] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 437.852507] *** Control State *** [ 437.854559] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 437.856037] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 437.872375] EntryControls=0000d1ff ExitControls=002fefff [ 437.877919] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 437.878234] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 437.886408] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 437.896706] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 437.901557] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 437.907915] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 437.915334] reason=80000021 qualification=0000000000000000 [ 437.929485] IDTVectoring: info=00000000 errcode=00000000 [ 437.932848] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 437.936171] TSC Offset = 0xffffff129b557a59 [ 437.948200] EPT pointer = 0x000000008ce0701e [ 437.948481] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 437.953861] Virtual processor ID = 0x0002 [ 437.959281] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 437.988995] Interruptibility = 00000000 ActivityState = 00000000 [ 437.998625] *** Host State *** [ 438.002194] RIP = 0xffffffff8117dacf RSP = 0xffff88805356f9b0 [ 438.014805] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 438.022332] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 438.034481] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 438.040922] CR0=0000000080050033 CR3=00000000a5293000 CR4=00000000001426f0 [ 438.047951] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 438.054725] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 438.060837] *** Control State *** [ 438.064283] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 438.071249] EntryControls=0000d1ff ExitControls=002fefff [ 438.076705] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 438.083777] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:23 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x1000, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000100)="0f018c6b4e260f650966b9800000c00f326635004000000f30b899028ed0b801008ed00fa10b6bc136f30f5e350fc769b8", 0x31}], 0x1, 0x0, 0x0, 0xfffffd86) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100), 0x10) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) io_submit(0x0, 0x0, 0x0) 14:12:23 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:23 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:23 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clock_adjtime(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$KDFONTOP_GET(r2, 0x4b72, &(0x7f0000000680)={0x1, 0x0, 0x1c, 0x1c, 0x178, &(0x7f0000000280)}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) 14:12:23 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r4, 0xc058534b, &(0x7f0000000140)={0x694, 0x9, 0x32e1, 0xffffff81, 0xd0a, 0x1f}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505331, &(0x7f00000000c0)={{0x2, 0x5}, {0xfe, 0x3}, 0x3, 0x2, 0x9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 438.090506] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 438.097127] reason=80000021 qualification=0000000000000000 [ 438.103493] IDTVectoring: info=00000000 errcode=00000000 [ 438.108939] TSC Offset = 0xffffff125b407ba9 [ 438.113459] EPT pointer = 0x00000000a12cd01e [ 438.117876] Virtual processor ID = 0x0001 14:12:23 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:23 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:23 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:23 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000100)="0f018c6b4e260f650966b9800000c00f326635004000000f30b899028ed0b801008ed00fa10b6bc136f30f5e350fc769b8", 0x31}], 0x1, 0x0, 0x0, 0xfffffd86) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100), 0x10) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) io_submit(0x0, 0x0, 0x0) [ 438.368238] *** Guest State *** [ 438.376743] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 438.389656] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:23 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 438.428683] CR3 = 0x00000000fffbc000 [ 438.441217] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 438.460555] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 438.485094] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 438.515725] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 438.533674] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.547719] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.558507] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.568146] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.577113] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.586217] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 438.595330] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 438.604342] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 438.613242] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 438.628701] *** Guest State *** [ 438.635552] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 438.636514] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 438.654032] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 438.658071] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 438.670933] Interruptibility = 00000000 ActivityState = 00000000 [ 438.670938] *** Host State *** [ 438.670948] RIP = 0xffffffff8117dacf RSP = 0xffff8880564879b0 [ 438.670964] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 438.670974] FSBase=00007f2c0b26c700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 438.670983] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 438.670993] CR0=0000000080050033 CR3=00000000a1706000 CR4=00000000001426e0 [ 438.671004] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 438.671013] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 438.671016] *** Control State *** [ 438.671022] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 438.671026] EntryControls=0000d1ff ExitControls=002fefff [ 438.671042] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 438.671048] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 438.671054] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 438.671059] reason=80000021 qualification=0000000000000000 [ 438.671064] IDTVectoring: info=00000000 errcode=00000000 [ 438.671068] TSC Offset = 0xffffff1200751b84 [ 438.671074] EPT pointer = 0x000000009ec2901e [ 438.671082] Virtual processor ID = 0x0002 [ 438.789890] CR3 = 0x00000000fffbc000 [ 438.795895] RSP = 0x0000000000000000 RIP = 0x0000000000001000 [ 438.804359] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 438.812017] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 438.818811] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 438.835624] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.844108] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.858457] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.867592] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.876531] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 438.884884] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 438.893173] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 438.901531] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 438.909602] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 438.917882] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 438.924550] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 438.932318] Interruptibility = 00000000 ActivityState = 00000000 [ 438.938597] *** Host State *** [ 438.942007] RIP = 0xffffffff8117dacf RSP = 0xffff8880562af9b0 [ 438.948111] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 438.954780] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 438.962870] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 438.968880] CR0=0000000080050033 CR3=00000000a884e000 CR4=00000000001426f0 [ 438.976120] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 438.991750] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 438.998663] *** Control State *** [ 439.002363] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 439.009131] EntryControls=0000d1ff ExitControls=002fefff [ 439.015335] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 439.022756] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 439.029603] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:24 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:24 executing program 5: creat(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000480)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000000)='./file0\x00', 0x0, 0x148100c, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x2aa403e, &(0x7f0000000080)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}]}) 14:12:24 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) splice(r0, &(0x7f0000000100)=0x80000000, 0xffffffffffffffff, &(0x7f0000000280)=0x3, 0x1000, 0x2) syz_read_part_table(0x0, 0x1, &(0x7f0000000440)=[{&(0x7f0000000000)="ac4559d594ebabfb20418bf095797ab3edc9e9fafda99d8ed46dc3ac5ef38614f046160e3b0cb7dd6bfaeb610f167a662f9ce63c99709e7da196ef10d8fd260dfd22afbb833239927b5ba77c9da17ec21e12adee2f325ee50083397f55a129f702cf366cd265fcaf9a6049b536782bda9db44b8329938ebc9c28f33dba52696fd3a5ae45d4995b5b6b339560fc6d021a019f649a771436f24a00cf9088394c89e143e7830bae065ddd81f2c68bb470fc3e473fd54e137d8bedeaada735fdf45dced45428f809b639fb0e167200df73df856e337821f64c6900137c4e05b229d952f3d6fc47ddfa5a3f2999", 0xeb, 0x100}]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_genetlink_get_family_id$smc(&(0x7f00000003c0)='SMC_PNETID\x00') sendmsg$SMC_PNETID_DEL(r1, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x54, r3, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'batadv0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x20000816) 14:12:24 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x200000000000000, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e1e, 0x0, 0x3], 0x0, 0x20000}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$RTC_PLL_GET(r3, 0x80207011, &(0x7f00000000c0)) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) sendmsg$inet_sctp(r5, &(0x7f0000000400)={&(0x7f0000000100)=@in6={0xa, 0x4e23, 0x5, @local, 0x91}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000140)="7fbac6a0c778e16b519a2ee2f9a5470a785c015f721b292c0cdd41bcc3802a0ad901a7214c00427c5dd7ecba238fab200084d14c11562c4d32baeb8154186b2eb2ca068dff8694002048e2d8c0b23afccfebb1eff5671cf0038a9a77317c0811742a513f3c39c2f3c500134b751616661806fdfaf51dfe411b6dd270f6f905841bbd92646450fbe193dd073f5d30c4627afc1169d0fcd2dbdcc3d23e76c184696916c8cbe4862bb728358431623df661419c2a863f8d4156b1e31fb2", 0xbc}, {&(0x7f0000000200)="7bb4693714e8345578bcd777d388c5a232e1658bfa7ae95993b0e1a06bef70b1f5ae5fd8b6fc0e167e6c2eee9798ead2ed5b7ed9ccb9a83af6c7f940dd0299278ced121a5af9eea2a7bdacd92000723af274f7398b88c6d93785ecd329090538373e3dbe3a34afc745fa83400db467fb4783dd04c036fa05fc88c317c24a6fb1032ebc68380b8897fd7ec3b9ccaba471aa0900479d83e79026070d7945ab9ff949e65ee177010aff24c7647a3aba64010410c0062235", 0xb6}, {&(0x7f0000000380)="cfd2a7367522fe4e12292a377a55e580395b3b1b100b776b45fcbba9510dc31d9067dee95aaee3d6dbdbef2f30a2942aff8fbca731", 0x35}], 0x3, 0x0, 0x0, 0x4000000}, 0x2000c100) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$RTC_IRQP_READ(r4, 0x8008700b, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:24 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) tkill(r0, 0x23) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 439.036283] reason=80000021 qualification=0000000000000000 [ 439.042866] IDTVectoring: info=00000000 errcode=00000000 [ 439.048324] TSC Offset = 0xffffff11d4c6104e [ 439.058958] EPT pointer = 0x000000005acc701e [ 439.063649] Virtual processor ID = 0x0003 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 439.191590] Dev loop3: unable to read RDB block 1 [ 439.196497] loop3: unable to read partition table 14:12:24 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 439.245243] loop3: partition table beyond EOD, truncated [ 439.269402] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:24 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYPTR64, @ANYRESOCT, @ANYBLOB="c099fee43b50105c3368ce3e868871c990ab68100d9e595dba614e034750b901a6b12055930cd35a3933713afad98cfc6e7ec800ac0317edb1c1bb3a573ac15a469183e1d0da8be7371207ae1fcffc0940f88193f3acc0c74e83a47eefb44c49a56bc3cba21a03ae08b2b23f24379956484d4c997912296ad3a36a2584f9f0e378b7131901dad6ba0662a7fd64118bb97007be24a38f4d5744fe27e952fb1d4330921aa11eb329a9c11260b96db03bac660b18550d5858823df2a746d23b6002856a7b86d51e28b05f54fe12be6cb6cf831a94923c4eef333a9937858ae7d8d42a2cd25fe8", @ANYRES32, @ANYBLOB="c13d1a534b"]], 0x1}}, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x2, 0xf06, 0x0, 0x3ff}) [ 439.527736] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000100000, 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 439.593326] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000100000, 14:12:24 executing program 5: creat(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000480)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000000)='./file0\x00', 0x0, 0x148100c, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x2aa403e, &(0x7f0000000080)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}]}) 14:12:24 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 439.790196] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000100000, 14:12:25 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) fsetxattr$security_evm(r0, &(0x7f0000000100)='security.evm\x00', &(0x7f0000000280)=@md5={0x1, "1bca6b278407d77e0cafa4d0601413de"}, 0x11, 0x1) 14:12:25 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = dup(r0) write$UHID_CREATE2(r2, &(0x7f00000000c0)={0xb, {'syz0\x00', 'syz0\x00', 'syz1\x00', 0x6c, 0x1, 0x8, 0x4, 0x7, 0x200, "17bb45b6d8d5d51d6a68a8413329fdfe5e9d9cd27e12fd13d381b496bfeb143a72f272715c7eeae1905c4df5dcd0f818afd9008ce91ab0103d89963513b68ed3a85c14cbbca7e5e9a24e0fa2844fa17a89d9e67c2c45bac3581c2f42c3d43f70d61452f8f464b8b72457da61"}}, 0x184) ioctl$IMDELTIMER(r2, 0x80044941, &(0x7f00000007c0)=0x1) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x320) recvmmsg(r5, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)=""/209, 0xd1}, {&(0x7f0000000480)=""/137, 0x89}, {&(0x7f0000000540)=""/180, 0xb4}, {&(0x7f0000000000)=""/12, 0xc}, {&(0x7f0000000600)=""/9, 0x9}], 0x5, &(0x7f00000006c0)=""/29, 0x1d}, 0x1}, {{&(0x7f0000000700)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000800)=""/218, 0xda}, {&(0x7f0000000900)=""/50, 0x32}], 0x2, &(0x7f0000000980)=""/107, 0x6b}, 0x9}, {{&(0x7f0000000a00)=@isdn, 0x80, &(0x7f0000000d80)=[{&(0x7f0000000a80)=""/214, 0xd6}, {&(0x7f0000000b80)=""/87, 0x57}, {&(0x7f0000000c00)}, {&(0x7f0000000c40)=""/65, 0x41}, {&(0x7f0000000cc0)=""/31, 0x1f}, {&(0x7f0000000d00)=""/85, 0x55}], 0x6, &(0x7f0000000e00)=""/172, 0xac}, 0x9}, {{&(0x7f0000000ec0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000002080)=[{&(0x7f0000000f40)=""/72, 0x48}, {&(0x7f0000000fc0)=""/39, 0x27}, {&(0x7f0000001000)=""/110, 0x6e}, {&(0x7f0000001080)=""/4096, 0x1000}], 0x4, &(0x7f00000020c0)=""/73, 0x49}, 0x3f5}], 0x4, 0x40003041, &(0x7f0000000780)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:25 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:25 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:25 executing program 5: perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0xc) pipe(0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1420000a73, 0x0) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x7, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000080)}, 0x82, 0x0, 0x5, 0x6, 0x7, 0x0, 0x200}, r0, 0x2, 0xffffffffffffffff, 0x1) exit_group(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000580)={0x0, 0x17000000, &(0x7f0000000540)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010300000000000000000500000008000300", @ANYRES32=r4, @ANYBLOB="a2e0940566055672cd810740"], 0x1c}}, 0x0) 14:12:25 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180), 0x0) r2 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca3", 0xe) accept4(r2, 0x0, 0x0, 0x0) bind(0xffffffffffffffff, &(0x7f00000005c0)=@nfc, 0x80) creat(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000480)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000000)='./file0\x00', 0x0, 0x148100c, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x2aa403e, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_mount_image$tmpfs(&(0x7f00000003c0)='tmpfs\x00', &(0x7f00000000c0)='./file0\x00', 0x2fc, 0x2, &(0x7f00000004c0)=[{&(0x7f0000000200)="46efe98eecb87e2a705b8be77e432c77f473122d9ff7c0654c47241af3d22eba39f355f9caf772f4c164c4b03249ef2978f32f346e0bfd0116ac8eabc21d5f68965911f8da761db75ebc926d3ba2fe46e44c5e9f7319afd796e655524f7a72ad662eddb2f11f84adafc2cb2c5482b65627c9f8a8ce5bae5bdba39247a5abb56f7af1c3db6947532387ad749b960acc220fcd5ad1b4c0d6f24915c7eb541f8ffa432c05880436e61d7264", 0xaa, 0xfffffffffffffffe}, {&(0x7f0000000100)="e1d202b67aee2a29ab5d2343c0b8bbcdd924d2256d568b3223b7660f0876", 0x1e}], 0x100000, 0x0) 14:12:25 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:25 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 440.145089] *** Guest State *** [ 440.148411] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 440.175828] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 440.185630] CR3 = 0x00000000fffbc000 [ 440.189856] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 440.201581] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 440.238958] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 440.268074] EXT4-fs (sda1): re-mounted. Opts: [ 440.276238] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 440.297201] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 440.305788] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 440.337125] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 440.347055] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 440.356730] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 440.373933] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 440.397660] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 440.406035] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 440.415484] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 440.424454] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 440.431834] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 440.439411] Interruptibility = 00000000 ActivityState = 00000000 [ 440.447052] *** Host State *** [ 440.451045] RIP = 0xffffffff8117dacf RSP = 0xffff88804a1479b0 [ 440.457157] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 440.464733] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 440.474707] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 440.484953] CR0=0000000080050033 CR3=00000000a89ed000 CR4=00000000001426e0 [ 440.493660] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 440.504582] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 440.513359] *** Control State *** [ 440.517045] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 440.528654] EntryControls=0000d1ff ExitControls=002fefff [ 440.535643] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 440.546852] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 440.555059] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 440.565960] reason=80000021 qualification=0000000000000000 [ 440.573926] IDTVectoring: info=00000000 errcode=00000000 [ 440.579497] TSC Offset = 0xffffff10ff69dc3b [ 440.588551] EPT pointer = 0x000000008dd6f01e [ 440.595842] Virtual processor ID = 0x0001 14:12:25 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:25 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:25 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:25 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) 14:12:25 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x5, 0xfffffffb, 0x0, 'queue1\x00', 0x800}) 14:12:25 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = perf_event_open(&(0x7f00000000c0)={0x3, 0x70, 0x2, 0x0, 0x3, 0x3e, 0x0, 0x8, 0x10100, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x7, 0x800}, 0x1, 0x3a, 0x7, 0x1, 0x3, 0x6, 0x5}, 0xffffffffffffffff, 0x9, r0, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, r2, 0x1) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) bind$unix(r3, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) getpid() r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x12}}}, 0xfff, 0x0, 0x10001, 0x80000000, 0xe8, 0x6, 0x3}, &(0x7f00000001c0)=0x9c) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000240)={r6, 0x5, 0x401}, 0x8) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 14:12:25 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:26 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:26 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) 14:12:26 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:26 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) 14:12:26 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x800, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f00000002c0)={0x33e, 0xff}) ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000280)={0x2, 0x200}) [ 440.977880] *** Guest State *** [ 440.991424] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 441.014751] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 441.025041] CR3 = 0x00000000fffbc000 [ 441.029424] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 441.036831] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 441.043704] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 441.052785] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 441.058859] *** Guest State *** [ 441.061434] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.069793] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 441.073420] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.073433] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.073446] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.073459] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.073468] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 441.073480] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 441.073489] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 441.073502] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 441.073510] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 441.073519] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 441.073525] Interruptibility = 00000000 ActivityState = 00000000 [ 441.073528] *** Host State *** [ 441.073537] RIP = 0xffffffff8117dacf RSP = 0xffff8880537779b0 [ 441.073553] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 441.073561] FSBase=00007f2c0b26d700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 441.073569] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 441.073579] CR0=0000000080050033 CR3=0000000091ea1000 CR4=00000000001426f0 [ 441.073590] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 441.073599] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 441.073602] *** Control State *** [ 441.073608] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 441.073612] EntryControls=0000d1ff ExitControls=002fefff [ 441.073622] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 441.073628] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 441.073633] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 441.073638] reason=80000021 qualification=0000000000000000 [ 441.073643] IDTVectoring: info=00000000 errcode=00000000 [ 441.073647] TSC Offset = 0xffffff108d078b30 [ 441.073653] EPT pointer = 0x00000000a884e01e [ 441.073660] Virtual processor ID = 0x0002 [ 441.079391] Unknown ioctl 1074310931 [ 441.117410] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 441.294595] CR3 = 0x00000000fffbc000 [ 441.298544] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 441.308420] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 441.316854] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 441.324028] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 441.332488] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.341030] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.349327] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.357913] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.367101] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 441.375495] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 441.383775] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 441.392155] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 441.400764] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 441.408982] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 441.415793] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 441.423601] Interruptibility = 00000000 ActivityState = 00000000 [ 441.429962] *** Host State *** [ 441.433500] RIP = 0xffffffff8117dacf RSP = 0xffff88808804f9b0 [ 441.439693] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 441.446443] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 441.454602] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 441.460828] CR0=0000000080050033 CR3=00000000964a3000 CR4=00000000001426e0 [ 441.468158] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 441.475271] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 441.482286] *** Control State *** [ 441.485899] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 441.493989] EntryControls=0000d1ff ExitControls=002fefff [ 441.499765] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 441.508203] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 441.519934] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) getpgid(r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:26 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:26 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:26 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 441.527879] reason=80000021 qualification=0000000000000000 [ 441.536151] IDTVectoring: info=00000000 errcode=00000000 [ 441.543006] TSC Offset = 0xffffff1098b2a602 [ 441.547928] EPT pointer = 0x00000000a6eac01e [ 441.553575] Virtual processor ID = 0x0001 14:12:26 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_mount_image$bfs(&(0x7f0000000000)='bfs\x00', &(0x7f00000000c0)='./file0\x00', 0x2, 0x3, &(0x7f0000000240)=[{&(0x7f0000000100)="522cfbe24ced7cd1365f8db193428055176ce2264e34c3b5fe90d982c7e556f267a0de4b15dad67008500ea05d4cab52a8a48ed4e205d26135763c58204577711f5cdb2eba7beb8244e5", 0x4a}, {&(0x7f0000000180)="f89748f0ac3a699a9dd2ed2287b3c54644fd5eab03d2c0c7722f4521b7a68b13b323b9478fb9781f4fbaf78ad79999866e8167b6dbc51bd26cc6deffc41a70f9bf8446e219944bfc2889fab1d91b37aeebec6dd18eaa5f621acea3affd71309744e43eb2650ee30aed0c6cb101ff33b47f0101b422990e271db9da920dd973fbe060e9f4a2ac332628d4da3461cc7703adb28b4542d43b7ec3620d04721a255120c52813403fe1cd00742b131151b1d22870c6eb7c17", 0xb6, 0x1000}, {&(0x7f0000000380)="aeafc7459f64427098c064c85afed31d91f7ec9a0033a8921a7f0ff64d3909c8b8885a6a8bf1a572ba14c53291d4deaca89375d9283fc9169c9a1ba49db6847f17cd895290f0ae42f1977dee50318b3896a62c0e44dbf730d3f2860065f99d0633a74608328032a26192a83e8a0473123a41b2410d99adfd70c0b698760105a21ce9498979b0a672a3b56de7117d5a6617cf4051b7891cb8a2883628d2f04fc0fcf1d4655d9b90a63923835479e24f2354154657518285c1e956c5c83cc73a7213c3282e5b1b43e3f1b9c28d08da026712ab37393e2616d2bb3056e1424dcd0288c857322c93e8132fb10d1bc3b812941110581915943859afabee834d9c2a488d8e1ee989d32599cc7afa1b187c2c9eb4fe713590e907aeec1ee92cedda7c2b5b31fe1ff41e6891e55810693e30359e8e0759faf3635d0a65df9901213297808df69a57762e6d106e8e73254a1d01d7ab12b0d5400dc2e5a27f491131d086a2a478cc7a420791f5c0ac744de5bbeb04a712f25ce308f03bf37032058b35571cb7c9159447e0fbe274ac18d7ddee7324fef81803056532eb57c5bdacb5473c105eae1830fef1f2b656757558b085b59505fa508069305b57196868a50b206e62d778ce8ee70afaa410a34e50a0d560c1e0952adf092036154fb797c252234bfc2697f21a53d37112fa442a08ba5e847bed743528c0d6f24a2dfe54bd1835e9a9d9f64e0b7f24774246bc179f854cd0dfc78e90d30c23e14db685548d29f1ef277e15e765d73d1c2ed7c0f81d8eba5280d90dbd4462c95ae755486515db595587bf54306d3b32442a0bd90bac1272e469a8fdbc85d38d7e8dfd0ebd7c1b48f2af8673584f3a827d5aa50648a30f05ee18999113ccaeeb99ab75d0a3c286ef84a48d017c7e4d897bab4fb9a3c4da6ae2ffaf2da33ed410f6977d8f51b58e626d8af2884ba8f4b3a82482d5b30dde407fd2b78abd5c0cf522c5a9dc76da524e8ce93d4c0282009bd2bdeac1a7f3aa7f33a8a489b9dc2894086a65c73bc452a5777dab291ea48faf93d9cbbc9fa940ac8963cc67e8a9a36f8b149a306dfdf8091f816dc1d992c3517d2c6eb152ce9f68593ebe1f4da08e04e561990b845367c0bee3a2efbcebee4f07d20779125c682b5902d3b64e268cee0fd85f2da13b6b5bbcda48303fe9d74adc8a99636329cdeeed6797186d4601738bf3d5f95d58493dba72f8c7e64658f9274a07f82ad5f847e6a7aef7a8e83942306a798f33367e8c31494998b107eb177d7f038639e2f2bb8e13abe7fc6fe1ab93e08be9bac4f671ea6ff54a84196c42216425f1b49bd28f39199da25e8bb5b6984aa3cbe7e5dd64e3244b8405ff649debe3721e295c953d5233fc2fa8e58bf1d7c62e1cc73228029cea72b91e00bc23777c177d9f19b2c5c97676c32c230ac29aea9f886954f07dbde811e497e69b9626e18a10891e82ae9f257bbd4142c21fa99694d7575eef0dcb31b68dae34ab88a9f505e75c2429c8829f78cdcec60c2465568a9e3c6580b4288099c5d0a1f9fe000a1d8a355c9aefd7a94e7d5800c0ca950a88ee207c5eb697c65ee623ec6a79b5d2b0ed99e3a5191d8201889af26a3a46ddcf5c8653c6e86e65bc965d80255670072b72acc1f0d00d0a5607dc13d046fed2c7699b153b47434d67db5437a225d59eb99696cd37dbdb936db2cf57a7ebcf1f73e26ed0e4c53fc08cf5f2990e33103e50ec6ef7eacc7c7db65e51b3ebfe4960b316e0b04b1ae2e03579adf66e069c2780d1e0a19d0a014b1716f8f211b2bbf50c68332d7c204fbcffc16c20d7b2e61dc05395479570507572cf41a3dcbd5ccfbe00ebdb6c0e97dc717e4042de95dc93583cca01dd22b66fba6f69d7c9b3f30ebd41abaec9a1462dc997725e769ffe301329487c110a17f4e7816e741185129b3a8b872d66ba70446b28101b523ef603bbdbbcbfe4b8f456e6ab87b2f04fda4edd344100a364fdc071be748841710d4d57e2b9ef7f20ea421b0bbce96e352ecf35cdae181dacaa553a96f0b45eadd098352a92690329afdb66d42156aa2e19ab9817efe00bf14ed45a53f92850ce35d7179db76717ca6cedb834dd2cdb3f9e8acd8422ed831b15c61567663dca687d4de6edf8d26cda2d8ec831e98fa102e627103a96d713877af7969c2f65343317e0e6c10406bcb639ed5e5e4d22d770fc8ae8a83873ac78949bf977cea541c7a1ceede75c8119bf42940c1a63cb33b65b0baf1f6ff203790d2929d97026fa40300a8b5c5a5e739317bcf1f6bb7c20118a9db97d7d38f9cff229d97e680a0a38679dabc4a909db05dfec02ac6bd23afbd48bda1239abcdafe9abe395e0323b9945df353a596bc92504768e408480ada7c897ec934739a3a7a08307ecadb5e86e3f4c596a294807f456f9d39397b17ff4b7598655a6f1209bf00dc289c08ccf6000c99931fa95fa28744f5cf446636397ac05339ef17e4f8630298316b503824b46c9fc7a4612bd91266ccef27b3683c93a44b681023319af27946a1c698bb477a1a0bea608cdb3ef1be7aa65f3d75004528bc35491e8cbfc76c5e251f75b56e7af4d76579f233f29f54afa4a2bb9a38a2754e4ce97a89bfca0770dba10d2d2cfdddbdc8fc10cfd05c5253f21cc82d8b5363d73be89d77ec34f177e5e17932e072e4af04ec513a8494464f81b2245c86707259d96a0151873e2516a42ee4a67178e2cc7a41416ce831fa41b4d6caae52ea70220e1e8230c0f53cd0d009efb20acd7dbc134105943bb9c87057661be3afa0a7ad7e1988f037739c122e4afe9ef76f8733442158baa15f2d6b9493cb1dba9aedefdda329dfaf7e9e60dd17d88d470e503e8ed8d709e39c84b343f002339b11b7b96ab9263bf68e76003bfa7dae354616f6f49eb065dc98a8d688c7214bacd2339b7ad8713bf01c3753ba38e44a686dc69297bbba9b338ea2ffac07dd29bf4727cd29844233e55f00bb26087f62121d80e42dda00382c88a68a9f649b2d5b9f6ed167267d49478fd5bc16f8701b5f0961cff78c5468db8b0ae75cb80ee032a9116f229c2718b3de53ddcc7c1640c6935f50dfa17bad45a07ef6bce0e2100c3223d4c36971890dbac487d8c7367eb1639335e7b405cb624cc44c3c97cbf0caa4990593f6d0a2936e476066e806cf6a298b63e80ea7395e3633b6e8eb6e9e4c401d3866deee23b93c0d66c9a7b774b2088e4185745fbc3fe6e772692522a2f9c07d2972f2730183fbdd038e1f5e89278fd75e6bff499581662baf49a7026ce9bade7c5163b0ba24dd64c1729184174bb97bc6ab143813c3351206a8206f1dc528b10071af90b30e3626d45afc4ff1ee1bd6ef718ab02b464c2befd2e960bbf5c658e904511bab3aa5cf5841282fe2a7659b4941f401ac4af5fa7c1b547d706077b5a7190619042047e93ff6c27d7d6b378086e924c019a8188df88088164ee34be1ac3a5a2b3b674d114a97ca0e1f1dd9fffcd0d43951d5601ec6a4a0e4c1d2153adf2e852bf1f063b4aa3da5cabc63af53adf1e5215536d9add9129b349d3fec7364dde9502e77834ce7e5dd81e0173f1c9779a84bd655a37db23d94460a6f222a8c6007a510b16cb7b77c48d72d60778c806a7896aebb5c6c24699a030e29cf2d5567e4ff71191d8859fa384609cc60ee22adaa1e52094248f9554daf3eb239995969d4f3d7825195ef1e70ada61c15673fd958a9845f92f96ad45d3fdb1395d531a8a7c6b6b9bc5c57da4097a5f21ccd5d87b4c6e833d38c581f7263ccc4daf11621b32ff1b87259b4b4ff9ed5de271a4d52d3a14c92d3379537c3fc2cb48304aa1b3b58b578a8c3a3f0ffea285c74200f864a9257b41dc7a0bf32f769ae7cbb67235e2d70d1bb1c25bf14bc43db33e5225b72edf78d0b5b01624c960d65851e864a190de5339ab77a4528dc0b209f4d43065986a5cee679f9c8c7fd9e223b13e000fb2159812a2b56797402f77e0268124075d3076d75b8f45f4839a1d2097d10774b2b2a0d02bcd31c70597d27b53315540f2e5da75cc4713558d69259e9a945019bddd79e06a902910cb25147307b2ecdc98133be79c3ff143113a776993eea324c5a3d702c96878a32d6676afaf44130e24d481cd56b960edcad7160d0991eb1486eebb598950ee99389af7630a1ac3a59c6f326ca78f1d5140d63fe9f279bfcf386bf82b9b7929177c5da488b727624cb569f019488a69d61abeffeb55d245091e5ccfd736618d8df15aecf49c60d5b24fa7866dc27377a3c951cbb90dafe3864871e4f663b51d3efb9f134e60bf7ab0a32b5fdb18348025b77cf47123b879d3184edf2e03111c3d6e70b782237f4c43a4cf6b99fe0c0076e45e51cb8d186976c67c37b122ff6aa19f4ad4125a76f05a8905203badbdf6e510d89599b1a00feb43d95e0f434aa4ec748edc1667122ed5d62237b1bb8e696e717118371cceb3662da429076314047fb6e841ef329a962d8fb1589ec50f0119d31003698405c2630535655a52f55de54e679e24f0336c8df9a683e0e91fa4c98d24bd91f8a0b713e315944bcb9977282ca297965def0e4a677d6428c248befc152e9702dcd1b1dfb82104b6dfc62e72517adfcbc12e4d9178a199089cb758b3c9bea79c06fe7b08b16b2eac080ec3719027343d5ee3dc1e9b119e186fb7315c00c6e7439901732f3cfab5ec1657447ec83d4336711b1c22f99390bca80f054bb30858823895b42e1ab2eb1d5c5afe4b3a21118f1db3cf98563e4ded623823330276a225fbbf178038dd3eccb3511083a5c3e18a6ee105a856a0c8c6aedfd724c657b28d556721e1ea6f35da672326aa9de8523fb840d51097a47b8596a8088819d308d9c13a0e48e03081836bf6d607b0a58b569ada46b449e0ab31a1664bea4e730538b9404d296b7387ed70132f6feea197c543e47c50261efd318bbddd8962a30c2b840014d3ed3f802d903becec628bdd4647f0dfd5b33aee5a7040b4f94a6788e85cac42d48034fb23588b51914ec121b1b6c9a41877e4d8d63b265f0347d01026b61db21589943d399198ceaebaa54f9e6bfc4e29992c14fe767f2e5f3cc7299909b7253a7fc86bc61d359cf7a59ffdf5e20d4703d5a11fad90d4fdc79d06da1f3e013a170a3a35b1a27f761ed216c503e5756fbbab98b857013377c8ff9a340542e8b51ef735ceccd7cb1d45957dd9d50ca1aac6b1550834e767990a08eeb4df5722b79b8dcf559d84004aa8d3eee6634fb194984d016c2e4162dce7df463f3cf7aac6898ea7efee7c4653bf782b8a6d4ae815234ca224437cda81a1e107d9b493f74baaf450266045903d9371a4933ec61a2ea38545de453c9254bffc65f4624b0953e40b1894414fcd260261e98c781cc83a3c7a0314e442fc54deb50c521a526ddc882e0c30a46fb24e8ca6df666d16c4671a93edbcff825095e3dc52a82c701ddb064a9de2f4c4a5f27fd91c92eac757499ddc18d0087e76e966b54d3b03f45e15f96f044d27bb53458eeed14338031b20d529a952a468d4dc77e5ba595e0459a5abb56184ceae45b23f0542d0a6215e0baeb187f177dbdc17d04eeeff116ac0cfc5789c73658fe5b2d32c1a7ed19327ba0ddadabcb7d6a7344c1e7513e1226732cd758cce1f8051e581aac1d0ad1efc521c29566d9ece546a19172ab8dfd46cc9ff92817d8b66a2841e8a344792f56907e24e70d5bc084d195667797d5479d4620ed406c94a3c1399046588bc8e3c92be9cc4b74a35a89bb77476672245b86af2a5af01f184f772", 0x1000, 0x3365}], 0x102000, 0x0) 14:12:26 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:26 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:26 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:27 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:27 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:27 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 14:12:27 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x1, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) [ 441.824714] Unknown ioctl 1074310931 [ 441.839121] print_req_error: I/O error, dev loop2, sector 0 14:12:27 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 14:12:27 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:27 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:27 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000040)={r3, 0x4c, "9536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf"}, &(0x7f00000001c0)=0xfffffd72) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000380)={r3, 0x1000, "8854c05ea7acecf15995738bcd82e0194236e334839022ceec9b212052981ccade60e80efd259687490665711a9a6dc7bb03add9785e0bb6525a25cea81efed282efdad891e2a97045b22296d38fe9f2d61df394217f5830c297264eefe5f4834f7ce00d8fa01e24ef5fafe7f56886def7d1f080a68cee2ae6154b1ffb8d7307762b7ebb83040c7cb63e5a0569fa36c4e4decc34f7102846d4f0cf593b6a460ef2f01df30f1875c2dc8d3f06ff55b81d4a35bf8cc66f8526058b09a752f4e9d98fa1747dcf73c24635833e0ae0264e5b1a0deb85a19ffa1393cf90516df6bb7ef9453ef12570cb6285f7f4eb3a33d6c456dd036d358702c282f244a583b6117e349a27c4da22433638f958ae5473ebe2bf9378c0a71cf0b048769f8f18beb0c850b6eb591dcd45c034b1424ec89e23de6fd526fe6de3de9fcf39746e479c0347348dc7380065d699932cc7c1ac96b1f2fc0c12b499ffcd8487d3c1c8bb1bbc7a9d1a3a8ceb3cb97f8b8b0dc414eab8f759d75f4f8a15efa1019efc24d16cd7d6c77a6f3ae06642e85344c7534ada0d5fb9fa3db22196fd1dae724dbad25d3d285c8acaef80c4a94cb7131a85f114c2f9578433d5964b6f4f05de5f1e8f74816117a9b48b5a1efa3924d8f9c6f2d1451f0b61e525b643449eb390f6f069f2993cf07594810157d47b1f60b31de0779d53193a14f5cbabb1320106d7eafce66ff9bea917b5b8e352aae118cb06e6ff8c62ec07a769cebce15686d17c297c7defc8dc74a476e8d8995ba81adcfa6fc5de03733da13db8c73a03ab0e7ba2c71aec20d7b5f9670e54d336a113a872630df7e1887ffd4cf096a2aa28b5394579e2af3947bd6ab96085f1271afb5e8f4b9c34feb0804ebd1c0e0aa51aadab5f5d30b5965741e65d75219c39a8660f17be3f3493d97453e899ec1d954278126f7248ad904e94d2cf94ca0743d0d1082149bb4f1346501eeb6ed8f46ce4de620a6be59812753892c275b46f5eafb5c6558615537932072a5a184949e14f70f8f55365d8bb4b8a1d6929c2bffadd0e9560eaa0b67d1bbda98c91299ea86ceebaef8827869044372d240e416d8ebf410cd640b403ba2f7e36dd243e0a5735eabf1dfacfd81b03608476dc900217d9c4dc5d4fcad909d5c8fa4515e2ec2d2b396b49f02a44d849b22ec7ad8329c0fa9ff9b6d59ddf43fdda232fee11165528e6b92b29758c2b7caf44d86e34ccdba381638db964c56ecdc07d11d551353a9eba8a774efb6484b49cda6b8b62ce3f575cfb74fe800f246c7d40544153c06c721dd557b4c2866821a1ad544d6f85b1c1093abf05233ba99c60486ccf624f8e16919ac43c0536ec2d80dc0927275880f7f2a276f423dcf2ead5881cd7655671fdabda97c25eeb1af3a2420ac05b319c2516c442cf61c592b5883c3eff27e06d6c2bc868bd27c91308e5ac2a503b7656bc8674ab034b20dd14770cc4707d90736c1f5f9c4bc2161b64e30a91fc1e772f302eb1b2ee3fefe47de9863bb9202fb6a7d0b5454fe907ca7f6a49fc9dea5e0c8dde564cc08e7e5d125ea7fa725fb62bc6d28af59c45979eec1490db1341bbf86ef3ed9f2ab5d7783223181294508a52ac20aae00ba82da1e3713665ea6fadde547ab4fa3c2cffd8c256d99333c5657a4dd3ffc28eeba1e6da66e44fa81489627f1b903864aba40fe71fed9deaf019ae66fb4eb3a1b45d8267071aa9f1c089698a7521e5607103e66d7b3ef81832cd722ea35200a7a9ba3434d032fd3d749effd70cc298d7f6f2c58e478bdcf7def073153885368b7df213268858d109066bb03e754c11230d3b0f6326d11b0245a85a341e90e0909c5d9516a7398278dfdb40293275e6b19e3b49238e3d22da4500c79f29240418c7fb3a6e9a52affd781b0cc43d30a0e60667238729f7db253c92cafb47cedf73461ec2954082b53ce0ed756cd3a8cba9a000c61c23f2b41a1d99f0e22e11e76f03d1dbd9b79af5a297686317887dfaabe4b2036adeb74c48d69cd817c0c4a4258005488af11d87175c865f194789d5606d2e9fc1fd95d360bf6ab2493847b9aef0d620be2bf75cd1b7cbbd2fca88081867232a43e419f0fb27fb272315ec6fe1c5f6b88247e7c95ae67125cf2a175081b6ce26b274247351fee0111cad64765b5e5f13673b9bd94b7c8fb27c50f78b59c6268e746ff4273358958242d93a891759fa68904030f8425ac69f4dd79585046d8e476b9ec311e7ce51d8eb03ca37449db82feb6599fe7e0ce225dd636bf466dd59b1c3abd952d7dde688378ca5eec8b0196f08345347179c924f5070f3d12a9324323aa104f232cd535995cc6ff38dc0bb64aa27b4eed3924cc91f93e000275ee74fc55ff25316d14d1034cccecde4b2ae326eb4da5536a6e22ab76e0c8532a4de18a631ec90e6cd884c32a43d261af70b1bb352d9a8151cb7d8a636d7716e85690943d73d8cac5c0a78dddaab93b04609069c794a035fa8054fa2d70f299ce09db80f5cda1a8fc061bff8cfeda53c229da88c97c4cd87da61602cace5c922ff6d463254d986c9652bf6adcb049840b7498d968e19e6e8bdc120f763be9afb1b4067e4ce39482b10cdf5429fd73c2fbea2c2189d9b018586cd28e5ae9ca12d36634776774290dd6e7ff85d639af77158f180391b7ce259428e25fd849ec9fb03c07d95da4f558dbff6c66ee150846d88293ada74237dd20e0d7c8c0ab22191c909dff3e8498f33d359ebf24398f9c8229955e9180ff0cc31de124d646db5d34bd6355b65900091c970de72854d80cc5067735929e72870d443f41fda6fe6c61bbd283ea606f3c5ae0c9a07b81e4775406142c0decde02315bf21015bd55678634973e553c593dafc811d0f667c35a9a12927a92ce3f27715207a0782a44d136ac15fa5226a258cf18daa99736593baf9202c722ab1ab3d95225bc036d31d0063e18c72af7e140de3e4e535e3d2a05ff1d4c3afcb97942f9d359c1f59f058f2fde554373d11ed006697ead54a25f7008c4aca8312508d0d6c20fc4854eff3be97e765f02e42af3befc5d0fe370eb623f56b50bdc6d291af535f439d036754f1fcd095d99e850b4c23e7f97f5641f7be4af9f4458ce6c79b16f8374f5e37ffd622d35c01c36be7ceb2b9169ef3523565edbade69aeada79c2318c14e65577814f083a1145e1b1af5c42ed8c18fcdfda68280684ff394d98512782c2de8b845a55c8f27a2b331e3b17025f4eed028b9092695b727c0a8fc39bd27398b1cecafd988bad05995bccabfff61521f44a9bf451e8575b17fcb804143ca33e171e5d41923026403b0b65e07470eff366bca8463096a7d06bdb3debc123287bd450d6f80fcaae31f89e62654905d2e6c0dff2c7b90a672ebfb0a98c762c7c496bb1447f76dd37c1f5d991af23862cec74ced2faa08257df409142a6dfd0fbc34bcd209d1635d501ef60ffea27d49a1e3753f961294bee832759f0b91194ccda71cf86f2e2291706c871cc4361b0e569be956a857c7a20d777ea6c42a5cd8b79a3cbd4e38266a50b8b8033a6793ea87a39eeac5003e2b5e1538dbee280241bae374b05fc7af6173509982c8acdffe6b6fc6e180673eb2793fb1a3fe158f8272585b85fc04df5cf01db7c03ac5aa9b99bed99cb80040fb13f940be2d9e03f4812c8f2b6fda0347c31bb772912f4dded1ebffb85a157b66c342d090d973c7690f5a0bc242e8ac7c4fd1cc508ddb3e3042ee3a7ab611aa245410037c5d3b740b64b1105b12963cf04c945621968a550c6038fc4fce40179946a6d008d7b0159423049b69ed928c94982c731d210e51e244a0075d32faa6260c1bb68a3e9bd81a68fbd3cd3294f8e8f5254462a07229042217cd13f8fc78ec1582bc142a30571756ab8add14403e2d933cba2ee1b3ef2dd6efa8f3e044a47628168b4ab38ec6d7888a0af2dcc1d0d304fc9b44271110fbc111246b6fa9c1a4a6ff37611edea5164dcaa7c5b7a23b9bb33caa9871b1cfa62166ab91ebeabfbec69eca5f5d5dde6be9ff1651b0a984e11071145ab3f1ccdcb511fa8dd2f15b6b96b6b091f8a3a77a0cbaa4445eb7a4a2087674b4424a98bb58df83c5cb687d64a40f7ac88a4b0277bc5fdae9543fcb7a7deacdce3b5c9dc72aa85ad0a0311bb2a1cb5fd662da5588edd11ed169f2437b9cf65d2f101fbe14ca8fce20cdf6fc0a9b55df52da3441d9a08aad76dd2fa589469602dcdfcff8068676faff49c33a6ad4f12fdd290239ee9ade2b150b66cff50c721cd707639325dfa399b9881c66bc229d50e49bdec3ab6193c1b2c444a1f4951f258aed30d768bafdcaa105707fb9057a9ba7d5415edda3dd0a939a923b31112d1cfb9739edfcb13720501d7f45491231e36fc2cd8986405e23fac9115410777ea204c7f048650e87e9db52eed5e2f7494d0383b63387bf29c15a558252cebb3039793ed7a112ead29b25ac9d691ee1ba1a72c9d2cd0b14b36580caaac56e825cd0b48d34e69c3695fc92e9943bdf73bea8fa6c3f501ff3bad3caaba478dfce593ef105b0b82774ed8979e6e45806bd6d8736a2d788cd6fd55110087a734cdb67a66d2d186484c8da0464888853f99949125f1854db5cb897d10d9686b387ff2a12c6677e0f9a27972df95623ff159cdd7af3871cf7b72a7b0d864b15b1fee995bb72f3edc1084c68f0f3ad6a6bad104baa6425c54a40638ecbfc35fd5875de4adc3c19ff4580f471f1038f127e50b3cd41472cef5144a73b1534915cadd985cc5fc422b2fb6076e951043e6e887d2602c956938dc8d0ef197ac59d23c1dade928d741593b2f498e39531041627f8cef2915757e4eeefdd919853c8e7381d5b8c538b249978ee71c044516a89688b0d4cbb2d116ba0d09b4ce7ad3c6d764c5188195cec391b0530ee47a6bb060f0f967eeb3794ad2ac4e11931e7308b86617d3221c9803a93e0adf39b1d7985de175c552f30b9308f20e3a2c359a35302d1e366174ebbb61b06051267723eb23855525f0175a1bd07fd6b456897ec999f9c0cf90c8a124531c246f89bda7d481f4c54c9e795a634c66192f9dfce2352f4b143122889331dcbd1b65e8d14bf70682c670e27053e53eee05e2087fc695f088bc2d0a549aabf1431e740f59d51f718cf76d6b1faa3e65d5cf3379c1648df621d9c4c8cb6866af582ceb9ba80351cdcc7547a3963b6737056d1a3772fc33f473826ebed299145e09f26fde2b5d30d314a4e3efb1659ad20b94d95ba0e63bf99df0aaf51821e5ad0af5885283a9b11506d959e8b9c121fc1da2ff2489c280ed5cb3fd0f72a0e36c014977c3fdd8499a9681c98a4eb9c4d46a794127365c73ef361732c0abc659fccc6b6df35adedde3376908c61848d0cd50ec0d9dc1216b69107af915007255ae47ceaf5bf4e7c45a05d099330af629b13a1989809a355f195fbb3fb3615ae0bb88e3b975d6756764c8efa557241dd0e7a8368886b249a73f7675779d58e844eee15778c1add1f6875a5683dc32c66a2773eacf5c741b202f601643148a4e864eea9c5e42b4981b38d736946b0b27bd1aa58109ab6f07d8e92bb1130b65363fbf365c8c2a607424290fb0667331918e38988db3c32731280e7b617ae031ec8550e96a39e99f87ceb3cc0e2d305e410e62bc0c8d24bc55d5deb2e002312a02fc51459bdc4234cb24f07a3bdd1284f0efc259da630d007c5bdb604f56f23c884153cb767d964deee30ca00ad2f5a1b28057068129e8c711b642b84ffa9e84ebda81205fd077f981826c52886"}, &(0x7f0000000000)=0x1008) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:12:27 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x50e, 0x21000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000380)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000002480)=ANY=[@ANYBLOB="01000010baf7626d421ae9734b4818330b84fe3f510bc9e8efb0951434079c5874b2940ac5ee8255ced4cdb0fbaef09b5f273e24241e18a68cd1b36df6bf7d9ed97824395d9988bd95c8e7e6d537fdb0d863ce4cfebd55fb8e2d5f030f922f726526b9d5479f9abf98bf6694a88105cef6385a4d824d537b35c08b215003acf50dfe4f8f02440af262a2b662741c00e972ff66fe0800b78f0997e5e485a05dd545419bc86c1987c907b3c43954e3e2be05d2da321ee14a35fc6e8114e344a814dec2b08ea9d24583c5d3fb5dc578ac656ca903d9f1def61a6015f57d5ec7d9cd4c4e47027197515b13e96acb6c8c923b32cc75ed8abc2e2ea99287dcb6e044db200d3270ae93a131f2115682544f7d55670b4bde67add60cdf0f0d7ed3df6a90a1226819a7516c7b8b4dfcff80fb90eb2b6ccbe7cfc1c7b86dfced695d40d333659d6eb208f95e4f2cb95b8cd23203e48b4152ef3ae350aefbcec6fc2a6e39cc45bab2edd85e5dd7697d53d9e09fe524ba3cf99738e452e9f752416f896ee25a9b29f75ecc9436a0c6a4e8a72b5fb092f0a58f3c0367d0a6c1f1cc2f2e8690297c4500228085988c9b2586b349b20c7782f59183e9aff3b6e1b194cd4b0e57a5a6d15aa1e07ade57ba5c91d56b59e07bd4578ee775712d1e8babdf3f4ba2f71a6b9309d8a88500660381caf47027293372ab722092908ec9bf938c003cd769b244bf28675fec213acf9737070bbbeb05611f91864464607a0f022f23e265a100a1b7776331dc3213944073d21c520db818583631e017ba74bc9e160feb8e802b7067c89b2b5f1c8de34f444ed6f327deab7abe55fafeb355b29afc7575467d4bfdbe4dd7ee7a355b77e4bd77913fa241689d2f6481e2244c59bf4b27a6919a9415559b20d55d0971019ddf1223f665a2d73a03708306f1d0298439b08e1134e790a17df30a4f668dfbbc80f98e31962259e1e79fed1909dfa167b6585e5d25719e3ccbd823846f8c7648453d4e50dd4ddd011edcef33f61318457ee2d8184fee7a23e7912b806490c1410d535c4c8b6a1ad29212d9601409fee8664f95cdfd6f740e74de39195a957c84cde1e41f966f841ef14649a9221da950ab1b4bb4cfcac811ae3a588ae8264e0b5ff59b8eca0eaaa591684227f6932889bed29af61f5906605aa8c83172ce5d266a829b7ecab2f8e65552575a8ec61f6a2cfb2f1acf48ecddeb6ce99c2fa667081c51c5f39ce457489cb484c587146b85629156fbcf4463d1b7d6b6ee5eaf9955becc22377cc601e03d6be29d15766dee073c52f629cb3f45ec0c69e1551e8984100ce292f6c029e391b7d75bfe615cc2b9ab68c8fedbdd0bcebffd4bf0735cf44097f74482dfad97d303bd756d66deb7b7cfac31aa7877d560eb7025d4bdb800eda94289aa40930a60eaf9fc2625818d713cdaec7608b01bf4129772ecb02f859caf02a1457f6505925d8e2cd03b46115118f03bc53d40dfbfd2c12700dc7a3b2616742c2fa42157f924ac86a873d22d4aab9793a936a1b37e3aed428efa14f27e2efac42992057880ec3857fa3261e926a75a05310e71204eb43f79945d5d577237b71b2030677d6330d04a173fa8962bffb666f33e9cceaccd91b6d81b55de587ee363b4e89c990397ed70621b4eaf65aa5aa363ed2dc97c69cafe2bf9c5b13ddd3079d5d546fe9be70a1d3607b886f986535fdef37f76ba7f320cb7764519394aea0a0966790c6f50a222984a32a81ce72892d8973449b8a961c6e76f04bdcadac611d381b27a45e3f162f6fd41f1b17cba76713be111fd6b3a5f8a22e20286ff6e700ecfe997bae22ca1518d17e5ddfb0d2712e3bb30deb5e2fdb946838c4fa068cd88a23e5ebbaf06b83b1822f81dfe2ec41aaac808e825a4101669b5df81a6f723fec30834c5579a014b8ce27b4213fcf7339ea07957b90692ec77b62ecb0ac6f174b52c6367985d61973eae0972bdeb86e5e94216b8bcbab971664a088bc68d80759de32e36eef5874901a513b0f27502bcba48f642ccc8603ebf41b832012925555bd3831cd4c359c54b64f1ad6cf8ffc2c1b3316a85833ac39d10d5d7bf79f044353b1b2b3f44b92022fca8aa9046ba4e6d3830e2253e01d1319ff1743f1ea458da7871b49a47763c545d0bfa1cd1f0dc13c79f87afc54780808152fe930fb1379a1e72c9d4c638c1e6e49badeec76c4cebdab857b82d1d15ae82587cd5408f06c07b8f349b2a4f6397fe3b5cfbd21346ff789e4a2cd5da75f31910a25f88d904aeb428f2e121ca3698f6261c5b926e2baedffd465dc987b17b127f2b44b4427799a432d7e5e6d6ce33880847bb458b2eb494ec3628bf5e3e1179d41fe7e91b2b07403c3a6443622c439495b4235936b717516168233083815ef32342aab69e95c233c9e37a23c392a0a9685f8d065a33c77b22375b4d58b622a2d62864881930293e17613bcf9b7a6b343bd48d266d2ee104e8e9bcf61dd4750154278ef3faa3eb073bc7d096a11d20e1059ccfe2819185a3f5db7f99737002069be92a96a6c52211628792ccfc4f39067bd852f3eda4b610d8f2fbe07eaf07ff1ee697f9d1d3c5f84a08fadbc56747579e3fa46718273b093339956211bf6755c816220ca594f97abd823b8ecbd8b6e5ca8c5dd6f914e6bfb1942d41abec189a7d258bcba13d144699df73ff1b14c960f07b386cc72533c982e8bae39f1d52c0d7a8af88ce2e6d13509c3ce0fa77610a97d34eab04c5f30f2961de755acce123153bac4657fac04b17b902257c0f64d936373ea2ea3d353c8b82ea0d0f3a49cf7573267e7a10602be2ba95bde496642b159314eb6d027240f6d31bf44101c474bf02620e9b0a120f3ad6de43401e7989b1479c91afb5ece149079030d5615ed81406c6f438dc6509bfc99ed85ebed4f3b308e229586778537be70bcc8f995f0fdd3b51423723e0d23b1736b401a0abafaaae2d52483e0cf5db7047fcacf70739cbde5e49bff39fadbdcd800c9e661c734fe5e712e8b95c98016c47820f4b5a08e35e9b0e0e93325888865b650291d1b4476bedf8188d17cc9e520d9014ca9721ddc5bbc77288a1c2fd1e130946371b8d1cd27bc3cfcea60c5d7c711656ee9071adf75b28b0b27a1c020a82a8abf2c3074070ce1a7106d9bd91758389d7f722e4057bec811a83e168137169c0db43c3511630b9b2ac2fa54d610b7af3fcf610384bfd7d30167443ae7a5b177e2084955928e25c99c5b25c74775e0662c59e129dcb5cfe3b2672e9b5c5c32b54c3750bc738a10c2128ff5887401b16f68e8061aa1c1790fc5982a68fb5b7b7a646fbce9ae46a61be701827c8bbf80e548977a1ffd738a227f5334548bdab06e919ccd90cd59ac0dfdb459695883d66f47ca16cb85d7a7c8dd70bcabf20933844d14951d5e1355189b3c4a40b4a8467d9140a91f09adf65beccdd8562d5982dd3f85c213660822dd4eead91d4fb938024c8ae8ce4a43edf2058c849648e980b3cee0cd35bfe0acd543d96722cb02f4b2d95c48d402dcb3c7057864d739c05749e9ea057125f3de7b3a74d4c6450cd5409de2d039afac6b987e01a42f6e99dec756b5d01a70b9aa882f509846c0f58d0714a01a8aa95d429b49386fd742d798383712a7849d40affe8785cae7538afd13b8e0c45803a5f208732892b3b42d6d9fb8df3ac773e3002feffccc39d63d1abf8a70b6f8d9d4678fcc98327619e9a3c4e720300534773c952dde1158e4f4edcdc4a78a5ed129c8ff8bc404f565e2615c4b2519420c040a4d5f5505f46a62b60c8dd30582e10337788ac9396e02381396879bfb93b9ec731adfcd8d360d21d95dacaff95ed14becbedc78e5a4fa27c9f1f8be522dcca8b50c8dab4614ad0d61b1a874915b6b99a19dbe770effbb20c954ebf6778d4ac1ac454fd6f53ebc6aa95896936c135d71a055a3b480f4a8264d79b40f9bb206d758988568626a0735ab44263fbcfae9e67c259347025877691017c630d09e91a64ee9aba6d438fe9b0035a7a930e7dc4c08b196c5ac4c2e6a170ac7e515e5bb1f311cdb6d7d68c47bccad5f19d2bf874bb601972427b3df87a4fcc7d3d659770f9e03eaf26f79ec0a5fc02ec84a0cbb045aff0c4c796da527ba2a051553fde8f1ebdb7f815c89072751ca44514fbb137503cfe589be014fe5ed2a7c3accb3d9972f2e8a1d35c52d831d6c2df1bbf917441ef27e14220910cd906aea7a40c6b87d59ea6335d24e38c09701cc0f79d8057461928d3a47381de091aec63d91ef6ec0a23cca08c7b398019e5aa58505712b411d9903183d12984f47d8ee58a6c22b704eef408cd1c0bde0289a049cdde5f5e4d96e1519febb4397e97a34f3657cdb86cbbffefa79cd6b6c2bf9740f14e36b456d4462108e1e0945e4fa1fbd2a66ebbac743266b9be15903aab4eda82ec58216b7bf1e7f9cec02a33323532f34437921d3d5622f7ae8a95c9ec9ace26e7fa6c99ad73c4ac9a2418664e49c0556fdd48af2e284c723ccf8a23b631ac96d67a3dafa6ef4023500b664b70aa97f28b3ae23a4e3bca1b3944e5a95679b332396884126ebb6bc835faec147f48c5df6e07053e93cd09f6d070dfe9b551264c921e0717ce5be782b48209a2ce236d55175ec0fb1c0f7832eb1aad3fd1f81dbc072f296493d060366c9fbbb9825f6a128cf6dae6bfd66805e3a44719ce478d7b7881e082f2b682631cbf887d2214866caaa8ebaf157095b2eabc8b54991eec65ed1067d148a36fdea34fe34c117efeb8c5fa5078aad2b575f4a78a2ae7b8d8bd077d88c007b07a7604417967d5ec4895a25aceaaf4d2780d9a411bdf75953102a1e29e547672c7487e251c974550a8d70f025e5b3468e1083b83d51b9fa3023be3923561c99b8211342270fbcf34830bf2876e4f7c5cc717b097c730206247c3ea00f64354c17e465831be3475d4b718caaa6164501de16367f6a0e9166ccd66ab1e4db42e57949fd123eb828907a7662b213dc5cec670af1226f72646133769064faefdfa75ab5946e9787fe795a4e8faa0a11c4d34a4bc8844d1917b617b2aa30037c90da0188896f07d4ec776eb99e6ff577f292514a646a9c8f89ae20c24ec01ef05d7e8150934c9c5a641fdf70b5bda1b8b9ee82feb182369c9f66acf55cb7a0c2a08dc55879e789b07b8cd4344dfbe8277b40f7d9782e24403081fb926f401a7648c457163c2d3c0b282c5cc88cf5a4f5a54651a631f35e8dc2e8541f60dc35933a15670c2e8d0e224bd9a75a8a99e3faa9330554127c45d1c49aab6706313f2ea40645695d7dbcbfa6653558bfb7d1d339a76b92dd0eefaaacf43fa9e1337440ed815ca7c87803ac85743d29bda80ce7cdc7ac9d16e5b46a1b4369e7de069d1e3b50feac1ba787168d0de06c3a3e88afd39c490e49d2c93cff99ac7de517eb210d7b9fdd9b7755951da4141ea31a93eca961697e9f876d9329feec37db8ee1725da10a7c8294f4b961b08382483acfd0b14501b0023e108979f5ebaff3b853eae5bfe1f9c8bd4dceb29607c5b4ca560cb0071e1382be5926a4f4648bbc6c041742d37729a570a6066178f8b64cfe0b0bdd422f85b204d2859d16f2aba99372b97fec343bdb20281fa5b2c3e07f15e3c040557cb646973fac9dd95577d26325f465a0ea65982a12c3208923f59ca31bee6bcb971f0d7f2ba418f9755f66e99d193a661bf3752ed8640fa771b09a172927977b91e06ff5d9bd96c5a7eb62e10e298175f8bfdf4df5616d637419092ca17a1f1c3992bdebfb70ae9155c6109a3b0b39289b3e2032eb91c64cf575e70bea8a7ec097e5d6c212bb6685fb2232b3a1d0febb3b06fb9e72f0b1c86174b0fc193f4759847ff6949573b4448d1e4803c65db1bf3bde7b1d01a4757bcfdf57cda5076ca490b03b564ef418faffd7e3f"]) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8c00000003010300000000002c000280140001800800010000000000080002007f0000010c0002800500010000000000060003400000000006001240020000003c001080080001400000000308000340000000000800034000008000080002407fffffff08000340fffff6600800034000000e6408000140000000ff0600124000030000"], 0x8c}}, 0x50) ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f00000000c0)={0x9d0000, 0x8001, 0x1f, r2, 0x0, &(0x7f0000000000)={0x19b1b83, 0x4, [], @ptr=0x2}}) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) setsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000100)=0x5, 0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = syz_open_procfs(r0, &(0x7f0000000140)='schedstat\x00') ioctl$TIOCGWINSZ(r7, 0x5413, &(0x7f0000000180)) 14:12:27 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0) vmsplice(r0, &(0x7f0000000180)=[{&(0x7f0000000280)="d8decb3261513d507bafcce4966ebf3fe674e7161477b27d0166b1fb8c247dfd79bbff51ddb67750ab730be7d99ab48bf549b389b5fab7504bf2c8db4b9c009c083bad7ca9e983707277fe06333b95c816b8ecb7019e3c1f6b3f4bd8868ad2e28f61d416b21e562eba6dd24627661a8ce6fbd3a406023e7e85bfe60274416688ce293103", 0x84}], 0x1, 0x8) clock_gettime(0x0, &(0x7f0000000240)) write$P9_RREADLINK(r1, &(0x7f0000000100)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x77359400}, 0x0) 14:12:27 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 442.114059] overlayfs: missing 'lowerdir' 14:12:27 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:27 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 14:12:27 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:27 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 442.237529] *** Guest State *** [ 442.245452] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 442.257649] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 442.275965] overlayfs: missing 'lowerdir' 14:12:27 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 442.291743] *** Guest State *** [ 442.295141] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 442.318489] CR3 = 0x00000000fffbc000 [ 442.324786] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 442.332627] RFLAGS=0x00020002 DR7 = 0x0000000000000400 14:12:27 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:27 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(0x0, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 442.364235] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 442.366783] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 442.385545] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 442.397159] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.398699] CR3 = 0x00000000fffbc000 14:12:27 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0xe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) [ 442.409126] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.424427] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 442.446727] overlayfs: missing 'lowerdir' [ 442.453309] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.464484] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.470076] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 442.475526] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.500989] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 442.512575] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 442.521881] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 442.535538] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 442.544081] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.554093] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 442.569047] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.579640] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 442.594832] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.603402] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 442.612702] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.621334] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 442.629577] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 442.639277] Interruptibility = 00000000 ActivityState = 00000000 [ 442.645668] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 442.646945] *** Host State *** [ 442.654531] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 442.657976] RIP = 0xffffffff8117dacf RSP = 0xffff8880987479b0 [ 442.668283] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 442.672960] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 442.680123] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 442.687897] FSBase=00007f8986645700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 442.698723] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 442.703525] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 442.709088] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 442.716695] CR0=0000000080050033 CR3=0000000085fe7000 CR4=00000000001426f0 [ 442.726263] Interruptibility = 00000000 ActivityState = 00000000 [ 442.730776] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 442.736847] *** Host State *** [ 442.744561] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 442.749893] RIP = 0xffffffff8117dacf RSP = 0xffff888057f679b0 [ 442.753633] *** Control State *** [ 442.758990] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 442.763830] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 442.772728] FSBase=00007f2c0b26c700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 442.777268] EntryControls=0000d1ff ExitControls=002fefff [ 442.784975] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 442.790178] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 442.797730] CR0=0000000080050033 CR3=000000008e88d000 CR4=00000000001426e0 [ 442.803589] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 442.814508] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 442.816510] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 442.824449] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 442.829762] reason=80000021 qualification=0000000000000000 [ 442.842332] *** Control State *** [ 442.842560] IDTVectoring: info=00000000 errcode=00000000 [ 442.845881] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 442.851586] TSC Offset = 0xffffff0fdf647ac1 [ 442.863186] EPT pointer = 0x00000000a4f4101e [ 442.864552] EntryControls=0000d1ff ExitControls=002fefff [ 442.867953] Virtual processor ID = 0x0001 [ 442.874105] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 442.888715] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 442.897114] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 442.908338] reason=80000021 qualification=0000000000000000 14:12:28 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x10100, 0x60) 14:12:28 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[]) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:28 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:28 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(0x0, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:28 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) prctl$PR_CAPBSET_READ(0x17, 0x16) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 442.917757] IDTVectoring: info=00000000 errcode=00000000 [ 442.931006] TSC Offset = 0xffffff0fdf95ad1c [ 442.935354] EPT pointer = 0x000000008a2c101e [ 442.945169] Virtual processor ID = 0x0002 14:12:28 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:28 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(0x0, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 443.086453] overlayfs: missing 'lowerdir' 14:12:28 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:28 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:28 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[]) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:28 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) unshare(0x2040080) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 443.272320] overlayfs: missing 'lowerdir' 14:12:28 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:28 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:28 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[]) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:28 executing program 2: perf_event_open(&(0x7f0000000040)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:28 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', &(0x7f0000000480)={0x60, 0x8, "98616ac4c51f68653a753128b414ad22610aa5f2635b2f854b8f02ca09d9eddcc0858475b172d1019ac8412f97be53b606ab28fe03cbb027c75615ab23104e5cb3028eadf024057e7b325a84ea4730e14d4090dd88a697ed"}, &(0x7f0000000500), 0x400) r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000340)=0x5) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x6}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="48000000030103000000000000000000000000002c000280140001800800010000000000080002007f0000010c000280050001000000000006000340000000000600124002000000f86b08ef63d9a27edbbaa508f3262f1c7fc5b3ed9dd1125c9c272537942c2c2d57e974c16671d957a00f147b6aabecf24b486e25fc2170bbbf7d426d6085ae94dd57024785ae13763e2ac91614a98f35c6d4de9fe85a5cda5684f165b5dac7e0149e4ab7c1b39fe0485e64ab82a6"], 0x48}}, 0x0) sendmsg$IPSET_CMD_PROTOCOL(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40101001}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c00000001060002010000080500010007000000050001000700000005000100070000000500010007000000050001000700"/60], 0x3c}, 0x1, 0x0, 0x0, 0x24040000}, 0x50) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) mmap$perf(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x32110, r4, 0x0) [ 443.517429] overlayfs: missing 'lowerdir' [ 443.548520] *** Guest State *** [ 443.561146] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 443.571374] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 443.582441] CR3 = 0x00000000fffbc000 [ 443.586321] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 443.593309] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 443.599724] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 443.609087] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 443.617282] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 443.625990] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 443.635204] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:28 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:28 executing program 5: sync() perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 443.644472] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 443.653488] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 443.662915] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 443.671761] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 443.689263] IDTR: limit=0x0000ffff, base=0x0000000000000000 14:12:28 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 443.698004] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 443.711534] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 443.721284] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 443.733460] Interruptibility = 00000000 ActivityState = 00000000 [ 443.742845] *** Host State *** 14:12:29 executing program 5: sync() perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:29 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 443.767191] overlayfs: missing 'lowerdir' [ 443.776917] RIP = 0xffffffff8117dacf RSP = 0xffff8880521379b0 14:12:29 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 443.810159] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 443.817978] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 443.829337] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 443.844056] CR0=0000000080050033 CR3=00000000931e6000 CR4=00000000001426e0 [ 443.852277] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 14:12:29 executing program 5: sync() perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 443.859468] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 14:12:29 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:29 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockname$packet(r4, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000500)=0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'vlan0\x00', 0x0}) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x0, 0x900}, [@IFLA_MASTER={0x8, 0xa, r10}]}, 0x28}}, 0x0) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000001580), &(0x7f00000015c0)=0x4) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001800)={&(0x7f0000000700)={0x200, 0x0, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKSTATE_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}]}, 0x200}, 0x1, 0x0, 0x0, 0x10}, 0x8080) [ 443.894929] *** Control State *** [ 443.899290] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 443.919500] EntryControls=0000d1ff ExitControls=002fefff [ 443.927620] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 14:12:29 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 443.950399] overlayfs: missing 'lowerdir' [ 443.973963] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 443.985150] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 443.997572] reason=80000021 qualification=0000000000000000 [ 444.009218] IDTVectoring: info=00000000 errcode=00000000 [ 444.023142] TSC Offset = 0xffffff0f2c0e247d 14:12:29 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x2, 0x0, 0x0, 0x8, 0x0, 0xc3, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 444.064643] EPT pointer = 0x000000008b8e001e [ 444.069098] Virtual processor ID = 0x0002 [ 444.117590] *** Guest State *** [ 444.121747] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 444.134039] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 444.145721] CR3 = 0x00000000fffbc000 [ 444.156107] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 444.166434] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 444.182078] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 444.189345] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 444.195192] *** Guest State *** [ 444.200656] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.208367] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 444.215609] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.228091] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 444.232259] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.239089] CR3 = 0x00000000fffbc000 [ 444.248456] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.253274] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 444.260132] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.265160] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 444.275296] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 444.282535] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 444.288590] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 444.295293] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 444.303203] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 444.313503] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.319443] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 444.326376] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.335485] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 444.345873] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.350687] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 444.356925] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.365746] Interruptibility = 00000000 ActivityState = 00000000 [ 444.376465] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 444.380521] *** Host State *** [ 444.387099] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 444.387114] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 444.387126] IDTR: limit=0x0000ffff, base=0x0000000000000000 14:12:29 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000100)) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000380)={0x7, 0xa4e, &(0x7f0000000280)="7e09437806df59392419af321720bd212cd8247bdd43c10f1d49726817ceebc3b07a77700a31a1967c866d426de38c966f9cd0d58f510ec45ca2a8fb10deee4e3432b0c70376d22640486f6497da9a16ddde68e10aea22597198e01492b4b6b8ce22bf5b493d701dc3f38b9960f9d9f0e6248a74631ed696ac103fb2ab74e1455e728f4c1298afd6c53c4b02380b06b385902cf155dfadab4b58342ca62e333977a098c1109e02ba854253b1", &(0x7f0000000340)="a38248963f6ba0169e70192bff484780a56dea87025f848bebd0ded541b742b9f2a927bd", 0xac, 0x24}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 14:12:29 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:29 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:29 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 444.392286] RIP = 0xffffffff8117dacf RSP = 0xffff8880506279b0 [ 444.403093] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 444.417116] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 444.442743] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 444.444338] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 444.452285] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 444.460165] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 444.485934] overlayfs: missing 'lowerdir' [ 444.492700] CR0=0000000080050033 CR3=00000000a0b6c000 CR4=00000000001426f0 14:12:29 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:29 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:29 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=.']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 444.519974] Interruptibility = 00000000 ActivityState = 00000000 [ 444.520861] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 444.550071] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 444.554601] *** Host State *** [ 444.558435] *** Control State *** [ 444.568209] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 14:12:29 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 444.599724] RIP = 0xffffffff8117dacf RSP = 0xffff8880521379b0 [ 444.602056] EntryControls=0000d1ff ExitControls=002fefff [ 444.619784] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 444.625962] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 444.632220] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 14:12:29 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 444.653889] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 444.664959] reason=80000021 qualification=0000000000000000 [ 444.667692] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 444.684164] IDTVectoring: info=00000000 errcode=00000000 [ 444.693298] TSC Offset = 0xffffff0ede7193f8 [ 444.693366] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 444.705643] CR0=0000000080050033 CR3=0000000095c55000 CR4=00000000001426e0 [ 444.713977] overlayfs: option "workdir=." is useless in a non-upper mount, ignore [ 444.734643] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 444.736085] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 444.744299] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 444.750059] EPT pointer = 0x00000000889f301e [ 444.758065] *** Control State *** [ 444.768923] Virtual processor ID = 0x0001 [ 444.769397] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 444.793401] EntryControls=0000d1ff ExitControls=002fefff [ 444.811448] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 444.831474] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 444.842539] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 444.850040] reason=80000021 qualification=0000000000000000 [ 444.859181] IDTVectoring: info=00000000 errcode=00000000 [ 444.866387] TSC Offset = 0xffffff0ed2edddc7 [ 444.872155] EPT pointer = 0x000000009d1b901e [ 444.879341] Virtual processor ID = 0x0002 14:12:30 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) fsetxattr$trusted_overlay_nlink(r2, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'U+', 0x2eae0100}, 0x16, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:30 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:30 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=.']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 445.090651] overlayfs: option "workdir=." is useless in a non-upper mount, ignore [ 445.100116] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 445.213564] *** Guest State *** [ 445.216964] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 445.226944] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 445.236844] CR3 = 0x00000000fffbc000 [ 445.241434] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 445.247624] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 445.254207] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 445.261384] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 445.269875] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.278119] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.287087] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.295349] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.303502] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.311675] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 445.319759] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 445.331586] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 445.339855] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 445.348158] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 445.354949] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 14:12:30 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={&(0x7f0000000280)="5e707d096798399333ac8b92bacb6f4034012e31a8a9d8ad49b086ceebc1fd4fc0c232fe57104a0561df4ce841cc5b3e62f74a5125a8f826ea93854c4bb5a346355444235c9fe8e457f13e752a6102196920549b0f637355bd5352d1b317fbdee9051006112ab0469d28e0e3fc3bf38244e4f3e740dcbaece5fafb9f94b832142738b43882f738c2186ae267412aa4b2a010837a8146dc60347be2ba857598fd7a1f1c07", &(0x7f0000000340)=""/168, &(0x7f0000000400)="d01ecb9cb8c4ac2a432dfbbf2a4b78a62f22d882942307742e26351e04c27acec82811a227a56bbb188639726e473812ca35b00f8630c80414af88e630a56a8ba160e275cd2d09473b5eb8830afd8cd0e4a071ac8952a254eb17b999e34837d03caccdde84a8541a5b34164b9e8ff1174174cb604c0c254e5763a5e3d313ecc43736134a1f536315a0c5adacab84bf2bf8d4dbf55fa250d279e44a5d7202b8bfbce4a8246b93a59f20784727d304268bd1df98e766b9d42fc3c7d92ab13ff5a88b13a6c1e9f051080d9b256b8c57117b58eb1ed6c39f014e286cee1f36f411ffaa2eb6b5755341005c2f16c5b948df61", &(0x7f0000000500)="101668631a88f385b3e872ddbbe8252769012f6d17f0f29634bc6d55f599cc2ea98a07f9dfdb0b307192518cc01593bab31dab01e6dc10311f415d3413afddbac659df748e7b73cf77e38b0a2b9d6395a9e87717ec8e8913a6bdc7527bca530c5757128b7cd688705132e0c2c81ce7d87db23cd73281dd6c99478e948f0568", 0x9, r1}, 0x38) 14:12:30 executing program 2: write$P9_RREMOVE(0xffffffffffffffff, &(0x7f00000001c0)={0x7, 0x7b, 0x1}, 0x7) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000000)) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x7, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x101, 0x0, 0x3], 0x0, 0x20000}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) ioctl$VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f00000000c0)={0x2, @pix_mp={0x2, 0x8, 0x32315559, 0x7, 0x2, [{0x7, 0x100}, {0x3f7, 0x7fffffff}, {0x8}, {0xfffffff8, 0x300}, {0x7fff, 0x2}, {0x0, 0x2}, {}, {0x8, 0x1f}], 0xfb, 0x5d, 0x6, 0x2, 0x3}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:30 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:30 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:30 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=.']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 445.362863] Interruptibility = 00000000 ActivityState = 00000000 [ 445.369090] *** Host State *** [ 445.377247] RIP = 0xffffffff8117dacf RSP = 0xffff888053f1f9b0 [ 445.383481] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 445.404924] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 14:12:30 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:30 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 445.459986] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 445.471073] CR0=0000000080050033 CR3=00000000a4588000 CR4=00000000001426f0 [ 445.475280] *** Guest State *** [ 445.482501] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 445.487481] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 445.508441] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 445.518376] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 445.519654] overlayfs: option "workdir=." is useless in a non-upper mount, ignore [ 445.542826] *** Control State *** [ 445.549449] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 445.556651] CR3 = 0x00000000fffbc000 [ 445.556658] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 445.556667] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 445.556678] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 445.556687] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 445.556701] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.556714] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:30 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:30 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upper']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 445.556727] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.566205] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 445.575139] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.585843] EntryControls=0000d1ff ExitControls=002fefff [ 445.589332] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 445.611584] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 445.623090] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 445.667810] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 445.677060] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 445.689807] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 445.696998] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 445.699864] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 445.718156] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 445.723318] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 445.726402] Interruptibility = 00000000 ActivityState = 00000000 [ 445.743898] *** Host State *** [ 445.747415] RIP = 0xffffffff8117dacf RSP = 0xffff888050c279b0 [ 445.755659] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 445.764955] reason=80000021 qualification=0000000000000000 [ 445.771652] FSBase=00007f2c0b28d700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 445.774753] IDTVectoring: info=00000000 errcode=00000000 [ 445.787314] TSC Offset = 0xffffff0e48145ee4 [ 445.788105] overlayfs: unrecognized mount option "upper" or missing value [ 445.794230] EPT pointer = 0x000000008cdfa01e [ 445.801640] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 445.812738] CR0=0000000080050033 CR3=00000000a09ac000 CR4=00000000001426e0 [ 445.816731] Virtual processor ID = 0x0001 [ 445.820685] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 445.831323] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 445.850608] *** Control State *** [ 445.854305] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 445.861261] EntryControls=0000d1ff ExitControls=002fefff 14:12:31 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:31 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:31 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upper']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 445.867737] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 445.876956] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 445.887578] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 445.901409] reason=80000021 qualification=0000000000000000 [ 445.925676] IDTVectoring: info=00000000 errcode=00000000 [ 445.940748] TSC Offset = 0xffffff0e2aeae487 [ 445.949926] EPT pointer = 0x000000008880201e [ 445.954843] Virtual processor ID = 0x0002 [ 445.973426] overlayfs: unrecognized mount option "upper" or missing value 14:12:31 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:31 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:31 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000040)={r6, 0x4c, "9536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf"}, &(0x7f00000001c0)=0xfffffd72) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={r6, 0x9}, &(0x7f00000000c0)=0x8) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:31 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upper']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:31 executing program 3: syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x8, 0x280) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) 14:12:31 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) accept4$inet(r3, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x10, 0x800) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:12:31 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8fa6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 14:12:31 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:31 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:31 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 446.397283] overlayfs: unrecognized mount option "upper" or missing value [ 446.487535] *** Guest State *** [ 446.492363] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 446.524316] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:31 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:31 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x6000) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(r3, 0x0) fchown(r0, r1, r3) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) [ 446.543088] CR3 = 0x00000000fffbc000 [ 446.571601] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 446.579409] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 446.593392] overlayfs: workdir and upperdir must be separate subtrees [ 446.603186] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 446.613873] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 14:12:31 executing program 5: sync() keyctl$chown(0x4, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) [ 446.624305] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 446.636124] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 446.651562] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:31 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 446.696838] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 446.712877] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 446.730550] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 446.739661] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 446.748979] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 446.758446] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 446.805472] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 446.817902] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 446.832714] Interruptibility = 00000000 ActivityState = 00000000 [ 446.845129] overlayfs: workdir and upperdir must be separate subtrees [ 446.860208] *** Host State *** [ 446.868577] RIP = 0xffffffff8117dacf RSP = 0xffff8880532479b0 [ 446.877287] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 446.889187] FSBase=00007f2c0b28d700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 446.899069] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 446.906034] CR0=0000000080050033 CR3=00000000900d8000 CR4=00000000001426f0 [ 446.914203] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 446.922122] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 446.928840] *** Control State *** [ 446.933189] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 446.940837] EntryControls=0000d1ff ExitControls=002fefff [ 446.947366] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 446.954781] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 446.962084] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 446.971464] reason=80000021 qualification=0000000000000000 [ 446.978040] IDTVectoring: info=00000000 errcode=00000000 [ 446.983883] TSC Offset = 0xffffff0da4f32207 [ 446.988562] EPT pointer = 0x00000000922ae01e [ 446.993488] Virtual processor ID = 0x0001 [ 447.018836] *** Guest State *** [ 447.022707] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 447.073754] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 447.083349] CR3 = 0x00000000fffbc000 [ 447.087547] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 447.095669] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 447.104444] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 447.113198] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 447.125411] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.134350] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.142949] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.151706] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.159883] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.168656] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 447.177171] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 447.194760] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 447.259476] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 447.267862] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 447.277206] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 447.284990] Interruptibility = 00000000 ActivityState = 00000000 [ 447.291382] *** Host State *** [ 447.294647] RIP = 0xffffffff8117dacf RSP = 0xffff8880a83079b0 [ 447.301256] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 447.307686] FSBase=00007f8986644700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 447.315746] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 447.321809] CR0=0000000080050033 CR3=00000000a9616000 CR4=00000000001426f0 [ 447.328858] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 447.335654] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 447.341877] *** Control State *** [ 447.345511] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 447.353279] EntryControls=0000d1ff ExitControls=002fefff 14:12:32 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0xa, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010102}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x6, 0x1, 0x4, 0x800, 0xffffffff, {0x0, 0x2710}, {0x3, 0x1, 0x40, 0x1f, 0x4, 0x3, "fca79448"}, 0x16, 0x3, @offset=0x7, 0x8, 0x0, r1}) write$FUSE_STATFS(r2, &(0x7f0000000140)={0x60, 0x0, 0x5, {{0x7, 0x100000001, 0xcbf2, 0x5, 0x9, 0x1, 0x6, 0x3f}}}, 0x60) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000380)) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$UI_DEV_DESTROY(r0, 0x5502) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 14:12:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:32 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x0, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:32 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:32 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x200080, 0x0) ioctl$RTC_WIE_OFF(r1, 0x7010) r2 = socket$pptp(0x18, 0x1, 0x2) dup3(r0, r2, 0x0) getpid() r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 447.358836] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 447.366453] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 447.373391] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 447.380009] reason=80000021 qualification=0000000000000000 [ 447.386556] IDTVectoring: info=00000000 errcode=00000000 [ 447.392347] TSC Offset = 0xffffff0d6c85167a [ 447.396963] EPT pointer = 0x0000000091a6501e [ 447.401486] Virtual processor ID = 0x0002 14:12:32 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000100), &(0x7f0000000280)=0x4) timerfd_gettime(r0, &(0x7f00000002c0)) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) clock_gettime(0x1, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) [ 447.486441] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 447.496622] overlayfs: workdir and upperdir must be separate subtrees [ 447.504034] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:32 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x0, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 447.533600] overlayfs: missing 'lowerdir' [ 447.542508] overlayfs: missing 'lowerdir' [ 447.564381] *** Guest State *** [ 447.576779] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. 14:12:32 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./fil']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 447.592630] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 447.633701] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 447.647744] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:32 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x0, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 447.683119] overlayfs: missing 'lowerdir' [ 447.695917] CR3 = 0x00000000fffbc000 [ 447.705077] RSP = 0x0000000000000c62 RIP = 0x0000000000000000 [ 447.714345] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 447.721503] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 447.726552] overlayfs: failed to resolve './fil': -2 [ 447.729030] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 447.743694] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.753076] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.767594] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 14:12:33 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 447.778911] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.791784] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 447.806221] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 447.821285] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 447.831673] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 447.839853] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 447.849958] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 447.857774] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 447.866690] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 447.867192] Interruptibility = 00000000 ActivityState = 00000000 [ 447.881864] overlayfs: missing 'lowerdir' [ 447.891128] *** Host State *** [ 447.899372] RIP = 0xffffffff8117dacf RSP = 0xffff8880521bf9b0 [ 447.919354] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 447.965269] FSBase=00007f2c0b2af700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 447.974536] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 447.981489] CR0=0000000080050033 CR3=00000000934ba000 CR4=00000000001426e0 [ 447.988635] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 447.996288] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 448.003195] *** Control State *** [ 448.006778] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 448.015401] EntryControls=0000d1ff ExitControls=002fefff [ 448.023674] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 448.035574] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.044963] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.056225] reason=80000021 qualification=0000000000000000 [ 448.059519] *** Guest State *** [ 448.063939] IDTVectoring: info=00000000 errcode=00000000 [ 448.067916] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 448.075833] TSC Offset = 0xffffff0d06521f97 [ 448.082323] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 448.086979] EPT pointer = 0x00000000a84bf01e [ 448.097424] CR3 = 0x00000000fffbc000 [ 448.104203] Virtual processor ID = 0x0001 [ 448.105019] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 448.115517] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 448.122638] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 448.129875] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 448.139657] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 448.149314] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 448.158532] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 448.168376] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 448.183696] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 448.195381] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 448.206812] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 448.220052] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 448.230410] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 448.238498] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 448.246979] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 448.255390] Interruptibility = 00000000 ActivityState = 00000000 [ 448.262355] *** Host State *** [ 448.268725] RIP = 0xffffffff8117dacf RSP = 0xffff88804a37f9b0 [ 448.275278] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 448.281997] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 448.289869] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 448.295881] CR0=0000000080050033 CR3=00000000876bd000 CR4=00000000001426e0 [ 448.307451] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 448.315074] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 448.325927] *** Control State *** [ 448.329397] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 448.337027] EntryControls=0000d1ff ExitControls=002fefff [ 448.341798] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. [ 448.347006] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 448.358793] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.370019] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.377840] reason=80000021 qualification=0000000000000000 [ 448.388765] IDTVectoring: info=00000000 errcode=00000000 [ 448.394787] TSC Offset = 0xffffff0cc379eafb [ 448.399199] EPT pointer = 0x00000000a880201e [ 448.408416] Virtual processor ID = 0x0002 14:12:33 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./fil']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:33 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:33 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:33 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') fcntl$lock(r0, 0x25, &(0x7f0000000140)) 14:12:33 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000340)={0x0, 0x0, 0x2006}) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000380)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f000095dffc)=0x4) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x4c, "9536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf"}, &(0x7f00000001c0)=0xfffffd72) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e22, @local}}, 0xfffffffb, 0x6, 0x4, 0x4, 0x0, 0x9b23}, 0x9c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000100)={r5, 0x2, 0x6, 0x5, 0xfffffffe}, 0x14) 14:12:33 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:33 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:33 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 448.545579] overlayfs: failed to resolve './fil': -2 14:12:33 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@local, 0x800, 0x0, 0xff, 0x1}, 0x20) 14:12:33 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./fil']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:33 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:33 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:33 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/ip6_tables_names\x00') readv(r0, &(0x7f0000000040)=[{&(0x7f0000002400)=""/4096, 0x10b6}], 0x1) [ 448.710492] overlayfs: failed to resolve './fil': -2 14:12:34 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:34 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:34 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb, 0x1, 'clsact\x00'}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6}]}, 0x38}}, 0x0) [ 448.775054] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 448.801032] overlayfs: missing 'lowerdir' [ 448.882923] lo: Caught tx_queue_len zero misconfig [ 448.888853] overlayfs: failed to resolve './file': -2 14:12:34 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:34 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:34 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) timer_create(0x0, 0x0, &(0x7f0000000200)) timer_getoverrun(0x0) 14:12:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:34 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:34 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect(r0, &(0x7f0000000800)=@hci, 0x80) [ 449.614326] overlayfs: failed to resolve './file': -2 [ 449.638913] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:34 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:34 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300)='batadv\x00') r2 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000001c0)={0x1c, r1, 0x27, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r1, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xd6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x800}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x240080c0}, 0x40001) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f0000000040)={0x4, 0x70, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xae08, 0x46c}, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4800000003010300000000000000000000b5ef1e9c0d6e980000002c000280140001800800010000000000080002007f0000010c0002800500010000000000060003400000000006"], 0x48}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0200000003010300000040000000000000000000fd7b2c00000000080002007f0001010c000280050001000000000006000340000000000600124c0200ad8d55b1a36789d35b8a2e733ed1b69160b51d1ecaad5aa35c2bd0b96e71568daa00c431517cd64379f894590a0c0ff16ccd570b9f6ee80a7112b981f7da6e4c7167477e25ab5c7fdffc0a4092bc0aad743487bcf825453caf262bbb3e4fa255b0c7b853fa993b355e271d6434"], 0x48}}, 0x0) r7 = dup3(r5, r6, 0x0) write$cgroup_int(r7, &(0x7f0000000100)=0x9, 0x12) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) [ 449.685106] overlayfs: missing 'lowerdir' 14:12:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:35 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:35 executing program 2: r0 = getpgid(0x0) kcmp$KCMP_EPOLL_TFD(r0, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x0) 14:12:35 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(0x0) mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) [ 449.768691] overlayfs: failed to resolve './file': -2 [ 449.776568] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'. 14:12:35 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:35 executing program 2: clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x28}}, 0x0) r1 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) socket(0x10, 0x0, 0x0) socket(0x10, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0x2}}, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$gtp(0x0) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xc4005}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0xd) [ 449.830887] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 449.842337] overlayfs: missing 'lowerdir' 14:12:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup(r0) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 449.975195] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'. [ 449.991848] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 450.000834] overlayfs: missing 'lowerdir' 14:12:35 executing program 4: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x140120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r2, 0x80082102, &(0x7f0000000000)) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:12:35 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:35 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(0x0) mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup(r0) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:35 executing program 3: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x32a) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000a00), 0x4) 14:12:35 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f000", 0x10, 0x3a, 0x0, @rand_addr=' \x01\x00', @local, {[], @ni={0x8b}}}}}}, 0x0) 14:12:35 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup(r0) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:35 executing program 2: r0 = mq_open(&(0x7f0000001380)='eth0\x00', 0x42, 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mq_unlink(&(0x7f0000000140)='eth0\x00') [ 450.164035] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 450.181679] overlayfs: missing 'lowerdir' 14:12:35 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(0x0) mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x2000, 0x1) 14:12:35 executing program 3: openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvram\x00', 0x6080, 0x0) 14:12:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 450.252419] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 450.279616] overlayfs: missing 'lowerdir' [ 450.333535] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 450.347655] overlayfs: missing 'lowerdir' 14:12:36 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000000)=r4) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:12:36 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)={@multicast1, @empty}, 0x10) 14:12:36 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:36 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:36 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$netlink(0x10, 0x3, 0x4000000000000004) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) preadv(r2, 0x0, 0x0, 0x0) 14:12:36 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(0x0, 0x2000, 0x1) 14:12:36 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() ptrace$getsig(0x4202, r2, 0x0, 0x0) 14:12:36 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 451.085398] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 451.098226] overlayfs: missing 'lowerdir' 14:12:36 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$netlink(0x10, 0x3, 0x4000000000000004) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) preadv(r2, 0x0, 0x0, 0x0) 14:12:36 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(0x0, 0x2000, 0x1) 14:12:36 executing program 5: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 451.187376] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 451.217392] overlayfs: missing 'lowerdir' [ 451.403565] *** Guest State *** [ 451.406895] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 451.421108] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 451.434488] CR3 = 0x00000000fffbc000 [ 451.438223] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 451.445664] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 451.452307] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 451.458982] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 451.467872] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 451.476304] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 451.489590] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 451.497842] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 451.506038] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 451.514405] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 451.523206] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 451.531567] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 451.539621] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 451.548029] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 451.554785] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 451.563531] Interruptibility = 00000000 ActivityState = 00000000 [ 451.569773] *** Host State *** [ 451.573432] RIP = 0xffffffff8117dacf RSP = 0xffff88804e3a79b0 [ 451.579612] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 451.587612] FSBase=00007f8986624700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 451.595658] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 451.602052] CR0=0000000080050033 CR3=00000000905b6000 CR4=00000000001426e0 [ 451.609219] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 451.617120] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 451.623287] *** Control State *** [ 451.626751] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 451.634426] EntryControls=0000d1ff ExitControls=002fefff [ 451.639876] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 451.648392] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 451.655919] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 451.663065] reason=80000021 qualification=0000000000000000 [ 451.669399] IDTVectoring: info=00000000 errcode=00000000 [ 451.675669] TSC Offset = 0xffffff0af692e33e [ 451.680752] EPT pointer = 0x000000009cc1201e [ 451.685180] Virtual processor ID = 0x0001 14:12:37 executing program 5: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:37 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000000300)=0x84, 0x4) 14:12:37 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(0x0, 0x2000, 0x1) 14:12:37 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) 14:12:37 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) 14:12:37 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) [ 451.942508] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 451.987885] overlayfs: missing 'lowerdir' 14:12:37 executing program 5: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:37 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x1) 14:12:37 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:37 executing program 2: syz_emit_ethernet(0x5e, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tipc_packet={0x0, 0x6, "aa67fe", 0x28, 0x6, 0x0, @local, @dev, {[], @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x0, 0xa}}}}}}}}}}, 0x0) 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:37 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 452.083249] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 452.119624] overlayfs: missing 'lowerdir' 14:12:37 executing program 2: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f0000000000), 0x4) 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 452.185075] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29099 comm=syz-executor.3 [ 452.208045] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:37 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 452.265568] overlayfs: missing 'lowerdir' 14:12:37 executing program 2: r0 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) 14:12:37 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x1) [ 452.304191] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29118 comm=syz-executor.3 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:37 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 452.375059] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:37 executing program 2: [ 452.424705] overlayfs: missing 'lowerdir' 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:37 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:37 executing program 2: [ 452.482605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29135 comm=syz-executor.3 14:12:37 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:37 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000540)='./bus\x00') mknod$loop(&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x1) 14:12:37 executing program 2: 14:12:37 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 452.589712] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 452.613895] overlayfs: missing 'lowerdir' [ 452.683282] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29153 comm=syz-executor.3 14:12:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:38 executing program 2: 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 452.795858] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:38 executing program 2: [ 452.860237] overlayfs: missing 'lowerdir' 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 452.895360] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29173 comm=syz-executor.3 14:12:38 executing program 2: 14:12:38 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f00000002c0)={{0x0, 0xee01, 0x0, 0x0, 0x0, 0x0, 0xb}}) syz_open_dev$loop(0x0, 0x0, 0x0) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$SIOCRSACCEPT(r2, 0x89e3) dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:38 executing program 1: [ 452.995330] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.032962] overlayfs: missing 'lowerdir' 14:12:38 executing program 1: 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f00000002c0)={{0x0, 0xee01, 0x0, 0x0, 0x0, 0x0, 0xb}}) syz_open_dev$loop(0x0, 0x0, 0x0) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$SIOCRSACCEPT(r2, 0x89e3) dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:38 executing program 1: [ 453.128790] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.161224] overlayfs: missing 'lowerdir' 14:12:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 14:12:38 executing program 1: 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 2: [ 453.268800] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.327808] overlayfs: missing 'lowerdir' 14:12:38 executing program 1: 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:38 executing program 2: 14:12:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 1: 14:12:38 executing program 2: [ 453.430941] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.454862] overlayfs: missing 'lowerdir' 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 1: 14:12:38 executing program 2: 14:12:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 14:12:38 executing program 1: 14:12:38 executing program 2: 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 453.570006] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.605317] overlayfs: missing 'lowerdir' 14:12:38 executing program 1: 14:12:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:38 executing program 2: 14:12:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 14:12:38 executing program 2: 14:12:38 executing program 1: 14:12:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 453.709232] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.730209] overlayfs: missing 'lowerdir' 14:12:39 executing program 1: 14:12:39 executing program 2: 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 1: 14:12:39 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) [ 453.822770] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 453.858769] overlayfs: missing 'lowerdir' 14:12:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:39 executing program 1: 14:12:39 executing program 2: 14:12:39 executing program 2: 14:12:39 executing program 1: 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) [ 453.965527] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:39 executing program 2: 14:12:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 454.039991] overlayfs: missing 'lowerdir' 14:12:39 executing program 2: 14:12:39 executing program 1: 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 2: [ 454.106515] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29302 comm=syz-executor.3 [ 454.138118] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:39 executing program 1: 14:12:39 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) [ 454.188468] overlayfs: missing 'lowerdir' 14:12:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 2: 14:12:39 executing program 1: [ 454.262673] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29316 comm=syz-executor.3 14:12:39 executing program 2: 14:12:39 executing program 1: 14:12:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:39 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) [ 454.305841] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 454.339567] overlayfs: missing 'lowerdir' 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 1: 14:12:39 executing program 2: 14:12:39 executing program 1: [ 454.448221] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29333 comm=syz-executor.3 [ 454.479742] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:39 executing program 2: 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 3: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) [ 454.524523] overlayfs: missing 'lowerdir' 14:12:39 executing program 1: 14:12:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:39 executing program 2: 14:12:39 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:39 executing program 1: [ 454.628488] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29345 comm=syz-executor.3 14:12:39 executing program 2: 14:12:39 executing program 1: [ 454.696171] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:40 executing program 3: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) [ 454.743284] overlayfs: missing 'lowerdir' 14:12:40 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400), 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:40 executing program 2: 14:12:40 executing program 1: 14:12:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 454.817410] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29357 comm=syz-executor.3 14:12:40 executing program 2: 14:12:40 executing program 1: 14:12:40 executing program 3: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) 14:12:40 executing program 2: 14:12:40 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400), 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:40 executing program 1: [ 454.947346] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore 14:12:40 executing program 3: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:40 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000001440)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0x40405515, &(0x7f0000000140)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 'syz0\x00', 0x0, 0x0, [], [0x6, 0x3f]}) [ 455.004899] overlayfs: missing 'lowerdir' 14:12:40 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) set_robust_list(&(0x7f0000000100), 0x18) 14:12:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003740)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6000000030a4ff5117df45b6786a4261850a9b5219a53afb68795f6b2783b535fb70b7bd9313a4021cea0bc9d5121899fc", @ANYRES16=r3, @ANYBLOB="020000000000ffdbdf25050000001400060076657468305f746f5f626f6e640000002d00070073797374656d5f753a6f626a6563745f723a7075626c69635f636f6e74656e745f72775f743a73300000000008000400ffffffff"], 0x3}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x84, r3, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:ptchown_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={[], [], @broadcast}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x2b}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller1\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x84}, 0x1, 0x0, 0x0, 0x8090}, 0x2004) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:12:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:40 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400), 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:40 executing program 3: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:40 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd031fa0670d076456", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000}}}, 0x78) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:40 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90", 0x3f) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:40 executing program 3: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 455.281099] ptrace attach of "/root/syz-executor.2"[29398] was attempted by "/root/syz-executor.2"[29404] 14:12:40 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) 14:12:40 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90", 0x3f) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 455.318877] audit: type=1326 audit(1588169560.551:31): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29378 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 455.576079] *** Guest State *** [ 455.579524] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 455.590304] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 455.599334] CR3 = 0x00000000fffbc000 [ 455.604070] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 455.611054] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 455.617192] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 455.624906] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 455.633731] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.642873] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.651952] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.660815] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.668988] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.678701] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 455.687432] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 455.695897] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 455.704234] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 455.712504] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 455.719215] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 455.727064] Interruptibility = 00000000 ActivityState = 00000000 [ 455.733686] *** Host State *** [ 455.737114] RIP = 0xffffffff8117dacf RSP = 0xffff88804fb7f9b0 [ 455.743356] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 455.750104] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 455.758263] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 455.764614] CR0=0000000080050033 CR3=0000000091ecf000 CR4=00000000001426f0 [ 455.772014] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 455.778993] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 455.785353] *** Control State *** [ 455.789062] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 455.796269] EntryControls=0000d1ff ExitControls=002fefff [ 455.802001] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 455.809143] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 455.816318] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 455.823172] reason=80000021 qualification=0000000000000000 [ 455.829656] IDTVectoring: info=00000000 errcode=00000000 [ 455.835587] TSC Offset = 0xffffff08bb5db267 [ 455.840230] EPT pointer = 0x000000008d84101e [ 455.844778] Virtual processor ID = 0x0001 14:12:41 executing program 1: [ 455.893583] audit: type=1326 audit(1588169561.131:32): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29378 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:41 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3c, 0x3}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$FUSE_POLL(r4, &(0x7f0000000000)={0x18, 0xffffffffffffffda, 0x8, {0x98}}, 0x18) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:41 executing program 2: 14:12:41 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90", 0x3f) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:41 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) 14:12:41 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) r0 = socket$unix(0x1, 0x5, 0x0) shutdown(r0, 0x0) 14:12:41 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf2", 0x5e) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:41 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r0 = socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r0, r1, 0x0, 0x80000001) 14:12:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:41 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) clock_nanosleep(0x0, 0x0, &(0x7f0000000080), 0x0) [ 456.083553] audit: type=1326 audit(1588169561.321:33): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29438 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:41 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf2", 0x5e) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) [ 456.175744] audit: type=1326 audit(1588169561.411:34): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29446 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 456.392858] *** Guest State *** [ 456.396249] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 456.405302] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 456.414445] CR3 = 0x00000000fffbc000 [ 456.418153] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 456.424205] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 456.430611] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 456.437283] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 456.446111] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.454778] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.463400] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.472335] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.480911] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.488889] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 456.497636] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 456.506209] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 456.514844] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 456.523468] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 456.530186] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 456.537764] Interruptibility = 00000000 ActivityState = 00000000 [ 456.544310] *** Host State *** [ 456.547666] RIP = 0xffffffff8117dacf RSP = 0xffff8880533e79b0 [ 456.553921] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 456.560465] FSBase=00007f8986644700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 456.568499] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 456.574739] CR0=0000000080050033 CR3=0000000089c64000 CR4=00000000001426e0 [ 456.581923] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 456.588792] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 456.595007] *** Control State *** [ 456.598514] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 456.605484] EntryControls=0000d1ff ExitControls=002fefff [ 456.611549] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 456.618617] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 456.625961] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 456.632858] reason=80000021 qualification=0000000000000000 [ 456.639259] IDTVectoring: info=00000000 errcode=00000000 [ 456.645113] TSC Offset = 0xffffff08513f7beb [ 456.649467] EPT pointer = 0x000000009343f01e [ 456.654222] Virtual processor ID = 0x0001 [ 456.873839] audit: type=1326 audit(1588169562.111:35): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29438 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 456.969089] audit: type=1326 audit(1588169562.201:36): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29446 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:42 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:42 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf2", 0x5e) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:42 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) link(0x0, 0x0) 14:12:42 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) prlimit64(0x0, 0x0, 0x0, 0x0) 14:12:42 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f00000000c0)={0xfffffffc, 0x5, 0x4, 0x10, 0x798, {0x0, 0x2710}, {0x3, 0x0, 0xc, 0x8, 0xcd, 0x7f, "5834064c"}, 0x1, 0x2, @fd, 0x5, 0x0, r5}) ioctl$TIOCSPGRP(r6, 0x5410, &(0x7f0000000000)=r0) 14:12:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:42 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:42 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a7", 0x6e) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) 14:12:42 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 457.129346] audit: type=1326 audit(1588169562.361:37): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29483 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, 0x0) [ 457.238440] audit: type=1326 audit(1588169562.451:38): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29486 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:42 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a7", 0x6e) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 457.285340] selinux_nlmsg_perm: 9 callbacks suppressed [ 457.285349] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29513 comm=syz-executor.3 [ 457.344960] overlayfs: missing 'lowerdir' 14:12:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, 0x0) 14:12:42 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00'}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 457.453489] *** Guest State *** [ 457.456896] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 457.468464] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29529 comm=syz-executor.3 [ 457.482232] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 457.500738] CR3 = 0x00000000fffbc000 [ 457.505515] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 457.513069] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 457.519251] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 457.527133] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 457.536893] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.546178] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.556735] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.565942] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.574862] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.584026] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 457.593091] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 457.602522] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 457.611265] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 457.619292] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 457.626853] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 457.635335] Interruptibility = 00000000 ActivityState = 00000000 [ 457.642669] *** Host State *** [ 457.645951] RIP = 0xffffffff8117dacf RSP = 0xffff888051c2f9b0 [ 457.652927] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 457.659408] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 457.668361] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 457.675068] CR0=0000000080050033 CR3=000000009f094000 CR4=00000000001426e0 [ 457.683964] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 457.691382] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 457.697502] *** Control State *** [ 457.702663] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 457.709374] EntryControls=0000d1ff ExitControls=002fefff [ 457.715778] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 457.723543] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 457.731055] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 457.737854] reason=80000021 qualification=0000000000000000 [ 457.745331] IDTVectoring: info=00000000 errcode=00000000 [ 457.751715] TSC Offset = 0xffffff07c183df26 [ 457.756122] EPT pointer = 0x000000009e87101e [ 457.762016] Virtual processor ID = 0x0001 14:12:43 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) 14:12:43 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x15) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 457.915371] audit: type=1326 audit(1588169563.151:39): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29483 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 457.939886] audit: type=1326 audit(1588169563.171:40): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29486 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:43 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a7", 0x6e) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:43 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, 0x0) 14:12:43 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00'}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:43 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[], [], 0x2c}) 14:12:43 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2", 0x76) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:43 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000001000010400"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\t\x00\x00\b\x00\n\x00', @ANYRES32=r4, @ANYBLOB="f2c7b3764d698d7543f01763d9d682c334254709327bec8deb84a7640d46b8eaa5104f00bfdd950168bf57cf78e7b65b1c2f5155e47e26271c91ca9cc98af24978d402e4d6ae155c85f1a213d1a1658156bad1aec6715e52e0dabd6aff30f6d9188ee57ae41a013ee5bb39d6e753fdb0bbedbd31a7dc287cded26de950028153d234dfc18d5029efdfa70489ec92b022f07a622b11354614a6c173000987a45e07e57277555fae43631cd0a0fd3ffdfcb4673f8ce4b3cb99d0c13d96040f9746130ceb2eb9ee73a5074518d5a0c6ddee50834b50d385bb3f517ec26e20414873a324f5f5e16ef643cd03be9ffd5deb3285c18d5f0b3edb4f216c6547d448fbfaa00c005f121bb22228c3aaba1da0f6e08620b9996eb60592274b0b730113fe0479e593464ac217a0a401d2fc557061ee4b10a1d24eb8ed28a3400964acdcd81d813caed40039078a7cd27e36146daf7ac9e9"], 0x28}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'vlan0\x00'}) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000060000000400"/20, @ANYRES16=r0, @ANYBLOB='\x00\x00\x00\x00\x00\t\x00\x00\b\x00\n\x00', @ANYRES32=r8, @ANYRES16=r2], 0x5}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ea080000", @ANYRES16=0x0, @ANYBLOB="00022dbd7000fbdbdf2506000000180001801400020069703665727370616e300000000000f00bcbe88008000300030000003400018014000200626f6e645f736c6176655f31000000001400020064756d6d7930000000000000000000000800010060926737edad0c222520e3da50e2c1fced8ba1c7e261afa5f60f7b0e99d418d71df30ada4644fa0e1eb0635cc45434ed4a6d0e509cca64808d498e626f828c2d326c39351a76f18bae53a73f68478de669001e2763437e4931d49bf71a675599647a105f93c6cfb10da68b376f6f95d3e0b41646f9a8b38c8887dde825b9d7fdd1f2ee24dc758bb3f248880b06c1711772badffed7757bfd8b0ff5d02c0317b7549d", @ANYRES32=r4, @ANYBLOB="6800018008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468305f746f5f7465616d00000008000100", @ANYRES32=r8, @ANYBLOB="080003000300000014000200766c616e30000000000000000000000014000200766c616e3100"/48], 0xd4}, 0x1, 0x0, 0x0, 0x90}, 0x20040000) r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r10, 0xae80, 0x0) 14:12:43 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00'}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 458.076605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29554 comm=syz-executor.3 [ 458.103769] overlayfs: missing 'lowerdir' 14:12:43 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[], [], 0x2c}) 14:12:43 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2", 0x76) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 458.201799] overlayfs: missing 'lowerdir' [ 458.243887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=29570 comm=syz-executor.3 14:12:43 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x848100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000000)={[], [], 0x2c}) [ 458.288138] overlayfs: missing 'lowerdir' [ 458.417418] *** Guest State *** [ 458.421630] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 458.433732] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 458.443872] CR3 = 0x00000000fffbc000 [ 458.447821] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 458.455056] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 458.462043] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 458.468910] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 458.478150] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.487413] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.496445] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.505032] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.513412] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.521964] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 458.530185] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 458.538209] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 458.551248] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 458.559424] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 458.566056] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 458.573784] Interruptibility = 00000000 ActivityState = 00000000 [ 458.580202] *** Host State *** [ 458.583443] RIP = 0xffffffff8117dacf RSP = 0xffff8880a436f9b0 [ 458.589485] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 458.596345] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 458.604435] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 458.610652] CR0=0000000080050033 CR3=00000000956b3000 CR4=00000000001426e0 [ 458.617813] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 458.625371] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 458.631792] *** Control State *** [ 458.635309] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 458.642121] EntryControls=0000d1ff ExitControls=002fefff [ 458.647661] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 458.654859] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 458.661851] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 458.668620] reason=80000021 qualification=0000000000000000 [ 458.675248] IDTVectoring: info=00000000 errcode=00000000 [ 458.680931] TSC Offset = 0xffffff07363f0635 [ 458.685338] EPT pointer = 0x000000009376601e [ 458.690128] Virtual processor ID = 0x0001 14:12:44 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) timerfd_gettime(0xffffffffffffffff, 0x0) 14:12:44 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x0, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:44 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2", 0x76) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:44 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) getgroups(0x0, 0x0) 14:12:44 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000040)={r6, 0x4c, "9536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf"}, &(0x7f00000001c0)=0xfffffd72) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={r6, 0x8, 0x9, 0x49, 0x100, 0xe7d}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={r7, 0x5a0}, &(0x7f0000000140)=0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:44 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]}) 14:12:44 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c03166", 0x7a) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:44 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x0, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:44 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c03166", 0x7a) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:44 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c03166", 0x7a) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:44 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x0, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:44 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090", 0x7c) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 459.177208] *** Guest State *** [ 459.190953] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 459.202505] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 459.231620] CR3 = 0x00000000fffbc000 [ 459.235413] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 459.242806] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 459.248893] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 459.257906] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 459.275940] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.284588] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.294403] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.304058] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.314075] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.326643] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 459.335264] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 459.343809] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 459.352196] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 459.360733] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 459.367417] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 459.375077] Interruptibility = 00000000 ActivityState = 00000000 [ 459.385505] *** Host State *** [ 459.388701] RIP = 0xffffffff8117dacf RSP = 0xffff88804a9ff9b0 [ 459.395878] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 459.405962] FSBase=00007f8986644700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 459.414379] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 459.423809] CR0=0000000080050033 CR3=00000000a554e000 CR4=00000000001426f0 [ 459.431475] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 459.438232] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 459.445448] *** Control State *** [ 459.448906] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 459.456588] EntryControls=0000d1ff ExitControls=002fefff [ 459.462661] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 459.470457] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 459.477209] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 459.484676] reason=80000021 qualification=0000000000000000 [ 459.491545] IDTVectoring: info=00000000 errcode=00000000 [ 459.497055] TSC Offset = 0xffffff06e35888f6 [ 459.502859] EPT pointer = 0x00000000925b501e [ 459.507546] Virtual processor ID = 0x0001 14:12:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0xfffffff7}]}) writev(0xffffffffffffffff, 0x0, 0x0) 14:12:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:45 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090", 0x7c) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:45 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) ptrace$getenv(0x4201, r1, 0x10001, &(0x7f0000000000)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0xf000, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:45 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) uname(&(0x7f0000000040)=""/13) 14:12:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001580)='/proc/self/attr/sockcreate\x00', 0x2, 0x0) sync_file_range(r0, 0x0, 0x0, 0x0) 14:12:45 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090", 0x7c) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) 14:12:45 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:45 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x80000001) [ 460.007441] *** Guest State *** [ 460.015625] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 460.039409] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 460.049590] CR3 = 0x00000000fffbc000 14:12:45 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 460.058440] RSP = 0x0000000000000000 RIP = 0x000000000000f000 [ 460.065588] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 460.086087] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 460.101187] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 460.116811] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.144624] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.155522] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.166843] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.177805] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.188681] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.198577] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 460.208700] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.217852] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 460.237881] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 460.245787] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 460.257218] Interruptibility = 00000000 ActivityState = 00000000 [ 460.264061] *** Host State *** [ 460.267440] RIP = 0xffffffff8117dacf RSP = 0xffff88804f97f9b0 [ 460.277235] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 460.284395] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 460.293142] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 460.299164] CR0=0000000080050033 CR3=000000009f541000 CR4=00000000001426f0 [ 460.307281] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 460.315459] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 460.322555] *** Control State *** [ 460.326295] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 460.333672] EntryControls=0000d1ff ExitControls=002fefff [ 460.339330] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 460.346583] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 460.353863] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 460.361552] reason=80000021 qualification=0000000000000000 [ 460.367949] IDTVectoring: info=00000000 errcode=00000000 [ 460.373775] TSC Offset = 0xffffff065e263f06 [ 460.378174] EPT pointer = 0x000000008682901e [ 460.382819] Virtual processor ID = 0x0001 [ 460.618456] kauditd_printk_skb: 13 callbacks suppressed [ 460.618464] audit: type=1326 audit(1588169565.851:54): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29672 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) timer_create(0x0, 0x0, &(0x7f0000000140)) 14:12:45 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 14:12:45 executing program 4: perf_event_open(&(0x7f0000000040)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0112000000009ac70000090000003c00030014000600ff090000002e000000000000000000010800030000000000140002007663616e3000000000000000000000000800010002000000"], 0x50}}, 0x0) sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r6, 0x2, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipvlan1\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40004}, 0x894) r7 = shmget(0x2, 0x3000, 0x20, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_STAT(r7, 0xd, &(0x7f0000000000)=""/36) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) 14:12:45 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) [ 460.647671] audit: type=1326 audit(1588169565.881:55): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29673 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 460.678564] audit: type=1326 audit(1588169565.911:56): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29676 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:46 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:46 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:46 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 460.783444] audit: type=1326 audit(1588169566.021:57): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29733 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 460.787652] ptrace attach of "/root/syz-executor.2"[29741] was attempted by "/root/syz-executor.2"[29750] [ 460.856357] audit: type=1326 audit(1588169566.061:58): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29735 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:46 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 460.912747] *** Guest State *** [ 460.916157] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 460.934102] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 460.967484] CR3 = 0x00000000fffbc000 14:12:46 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:46 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 460.989307] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 460.997215] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 461.007003] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 461.027278] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 461.052571] IPVS: Error joining to the multicast group [ 461.063968] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.072659] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.087104] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.095680] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.113318] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.122195] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 461.130319] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 461.138455] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 461.147279] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 461.155869] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 461.162437] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 461.170041] Interruptibility = 00000000 ActivityState = 00000000 [ 461.176266] *** Host State *** [ 461.179445] RIP = 0xffffffff8117dacf RSP = 0xffff88805093f9b0 [ 461.185500] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 461.197827] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 461.205737] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 461.211702] CR0=0000000080050033 CR3=00000000942d5000 CR4=00000000001426f0 [ 461.218724] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 461.225620] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 461.231867] *** Control State *** [ 461.235329] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 461.243037] EntryControls=0000d1ff ExitControls=002fefff [ 461.248508] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 461.256400] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.263724] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.271527] reason=80000021 qualification=0000000000000000 [ 461.277866] IDTVectoring: info=00000000 errcode=00000000 [ 461.284061] TSC Offset = 0xffffff05df02f7f6 [ 461.288393] EPT pointer = 0x00000000a058401e [ 461.293773] Virtual processor ID = 0x0001 [ 461.572760] audit: type=1326 audit(1588169566.811:59): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29733 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:46 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) sysfs$3(0x3) 14:12:46 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:46 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) [ 461.603068] audit: type=1326 audit(1588169566.841:60): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29735 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:46 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semget(0x0, 0x1, 0x0) 14:12:47 executing program 4: perf_event_open(&(0x7f0000000040)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000003c0)=ANY=[@ANYRES32=r6, @ANYBLOB="4c0000009536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf40991189b7764f9cc8cdf87279c0ea3f0831bbbe0be269f82f37ad19d66ec2c631ce8e35539930caa7cabed7a4810b3d88c728142141e7f7ed09e0aa0b2f0413957650f8fdb7a2b71f6ac697af872458159271af7e325aff486033fcf5421d3bf1a8074155a0c2946d41e7aa43a0f146a4f88e2f2d867247c207eb026be7aa2164d56b511571df704638c1c4f4cbfb262583d4ef932ab37620d3319c2558231e394c0d57154fdd6ce3c7cb139658cc00858e1c9e3dcf66c4535df6f33e7d3ce5929cefd46bd58c5fd76d30a34b1f104a5faf9d378b9bfc46fb5b6e"], &(0x7f00000001c0)=0xfffffd72) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={r6, 0x80000000}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000140)={r7, 0x3, 0x0, 0x2, 0xf7}, &(0x7f0000000180)=0x18) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00'}) r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 14:12:47 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 14:12:47 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 461.714847] audit: type=1326 audit(1588169566.951:61): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 461.776940] audit: type=1326 audit(1588169567.001:62): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 [ 461.909386] *** Guest State *** [ 461.912934] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 461.924096] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 461.938615] CR3 = 0x00000000fffbc000 [ 461.942616] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 461.948955] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 461.961083] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 461.968072] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 461.977722] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.986141] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.994415] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.003014] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.011414] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.019683] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 462.027781] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 462.036185] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 462.044325] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 462.053079] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 462.059720] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 462.067236] Interruptibility = 00000000 ActivityState = 00000000 [ 462.073587] *** Host State *** [ 462.076992] RIP = 0xffffffff8117dacf RSP = 0xffff888056c479b0 [ 462.083154] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 462.089689] FSBase=00007f8986645700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 462.097615] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 462.103818] CR0=0000000080050033 CR3=000000009baf7000 CR4=00000000001426f0 [ 462.111378] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 462.118328] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 462.124487] *** Control State *** [ 462.128032] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 462.134887] EntryControls=0000d1ff ExitControls=002fefff [ 462.140584] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 462.147633] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 462.154486] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 462.161265] reason=80000021 qualification=0000000000000000 [ 462.167697] IDTVectoring: info=00000000 errcode=00000000 [ 462.173833] TSC Offset = 0xffffff05565a7bd9 [ 462.178382] EPT pointer = 0x000000008690401e [ 462.182938] Virtual processor ID = 0x0001 [ 462.508361] audit: type=1326 audit(1588169567.741:63): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:49 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:49 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:49 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) socket(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 14:12:49 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41d1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x4000000000005e3, 0x44000102, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 14:12:49 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) ustat(0x2, &(0x7f0000000080)) 14:12:49 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x20140, 0x0) ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f00000000c0)={0x1ff, 0x5, 0x5}) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:49 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) [ 463.939135] Unknown ioctl -1070836168 14:12:49 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) [ 464.007115] Unknown ioctl -1070836168 14:12:49 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:49 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x9) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$VIDIOC_S_CROP(r2, 0x4014563c, &(0x7f00000000c0)={0x4, {0x3, 0xffffffcd, 0xf803, 0x9}}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:12:49 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 14:12:49 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, 0x0) 14:12:49 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/211, 0xd3}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/nf_conntrack_expect\x00') preadv(r0, &(0x7f00000017c0), 0x11c, 0x0) 14:12:52 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:52 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, 0x0) 14:12:52 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 14:12:52 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) nanosleep(&(0x7f0000000080), 0x0) 14:12:52 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000040)={r3, 0x4c, "9536a6435f539ab97b3f416d7ac184c928cdd2bf7386b793257e39cc8d829b747e148558bdebbd05170919be1753d5176b12e793ff9a486f9717552abd0f854825137fd9d42c4a0438c63acf"}, &(0x7f00000001c0)=0xfffffd72) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000000)={r3, 0x3, 0x10, 0x0, 0xe10d}, &(0x7f00000000c0)=0x18) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000140)=0x720, 0x4) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x3, 0x100000000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2000000, 0x0, 0x3], 0x1000, 0x20002}) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e20, 0xf8000000, @local, 0x3f6}, 0x1c) ioctl$KVM_RUN(r7, 0xae80, 0x0) 14:12:52 executing program 5: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getpeername$netlink(r0, &(0x7f0000000040), &(0x7f0000000080)=0xc) ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ffb000/0x2000)=nil, 0x4, 0x1, 0x2, &(0x7f0000ffc000/0x4000)=nil}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x1ff) syz_mount_image$nfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0}, 0x20000010) setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000240)={0x8, {{0xa, 0x4e21, 0x7eedd465, @private1, 0x81}}, 0x1, 0x1, [{{0xa, 0x4e22, 0x5, @private2, 0xffff}}]}, 0x110) 14:12:52 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, 0x0) [ 466.963766] kauditd_printk_skb: 2 callbacks suppressed [ 466.963772] audit: type=1326 audit(1588169572.201:66): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29917 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:52 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x0, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:52 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x0) [ 466.999375] audit: type=1326 audit(1588169572.241:67): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29915 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:52 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x0, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:52 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x0, 0x400, 0x1ff, 0x40000, 0x7}) 14:12:52 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x0) [ 467.756139] audit: type=1326 audit(1588169572.992:68): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29917 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:55 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:55 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x0, 0x1ff, 0x40000, 0x7}) 14:12:55 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r2, 0x0, 0x0) 14:12:55 executing program 5: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x5c, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}]}]}, 0x5c}}, 0x0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x40, &(0x7f0000000140)={@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc) 14:12:55 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffff9}]}) setpgid(0x0, 0x0) 14:12:55 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x50e, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000014c0)='/dev/vcs\x00', 0x10000, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000001500)) renameat(r3, &(0x7f00000000c0)='./bus\x00', r3, &(0x7f0000000100)='./bus\x00') r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="1709000000000000000001000000"], 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_DELETE(r5, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cf2e5326739d81c01bd6a4fb4fbbf050000000", @ANYRES16=r7, @ANYBLOB="000329bd7000fedbdf2502000000050006000800000006000200010000000c000f00ff0f00000000000006001d000900000008001800640101010600010019c7000008001800e0000002"], 0x50}, 0x1, 0x0, 0x0, 0x400c001}, 0x200000c5) close(0xffffffffffffffff) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) write$FUSE_NOTIFY_INVAL_INODE(r5, &(0x7f0000000000)={0x28, 0x2, 0x0, {0x6, 0xffffffffffff5506, 0x7ff}}, 0x28) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:12:55 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000013c0)={0x2, 0xa, 0x0, 0x3, 0x2}, 0x10}}, 0x0) [ 469.953628] audit: type=1326 audit(1588169575.192:69): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29993 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:55 executing program 3: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000007fd80000001f0000000600000010040000e002000038020000800100003802000038020000780300007803000078030000780300007803000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e70000000000000000000000000000000000c000e80000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000000000000000000028007365740000000000000000000000000000000000000000000000000000010000000000000000280054544c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff000000000000007000980000000000000000000000000000000000000000002800445343500000000000000000000000000000000000ae51474821ccc6cd000000000000000000e0000002ec1414aa00000000000000000000000000000000000000000000000065707370616e30000000000000000000000000000000000000000000003300000000000000000000000000000000000000000000000000007000b80000000000000000000000000000000000000000004800544545000000000000000000000000000000000000000000000000000001ff0200000000000000000000000000016772653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000033de000000000000000000000000000000000000000000000000000000000000007000a800000000000000000000000000000000000000000038005345540000000000000000000000000000000000000000000000000000030000040000000000000000acc5e32c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000000000000000000000000000000000280054544c0000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000040000000000000000000000000000000000000000000000200000feffffff"], 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r0, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) 14:12:55 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x0, 0x1ff, 0x40000, 0x7}) 14:12:55 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x0, 0x1ff, 0x40000, 0x7}) 14:12:55 executing program 5: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000380)='attr/current\x00') read$FUSE(r0, 0x0, 0x0) [ 470.102331] Cannot find set identified by id 0 to match [ 470.145406] *** Guest State *** [ 470.148730] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 470.176215] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 14:12:55 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x0, 0x40000, 0x7}) [ 470.197036] CR3 = 0x00000000fffbc000 [ 470.206081] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 470.213048] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 470.223465] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 470.231044] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 470.242277] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 470.251131] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 470.270309] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 470.290799] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 470.303949] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 470.312878] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 470.325373] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 470.334980] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 470.343790] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 470.352367] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 470.358886] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 470.367281] Interruptibility = 00000000 ActivityState = 00000000 [ 470.374102] *** Host State *** [ 470.377302] RIP = 0xffffffff8117dacf RSP = 0xffff88804feef9b0 [ 470.384137] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 470.391148] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 470.398947] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 470.405731] CR0=0000000080050033 CR3=0000000090d1c000 CR4=00000000001426e0 [ 470.413356] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 470.420803] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 470.426866] *** Control State *** [ 470.431140] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 470.437857] EntryControls=0000d1ff ExitControls=002fefff [ 470.444882] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 470.452229] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 470.459249] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 470.465935] reason=80000021 qualification=0000000000000000 [ 470.472517] IDTVectoring: info=00000000 errcode=00000000 [ 470.478120] TSC Offset = 0xffffff00fc4f491e [ 470.482690] EPT pointer = 0x000000005d06b01e [ 470.487153] Virtual processor ID = 0x0001 [ 470.744663] audit: type=1326 audit(1588169575.982:70): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29993 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f66a code=0xffff0000 14:12:58 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$cont(0x9, r1, 0x0, 0x0) 14:12:58 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) write$tun(r0, &(0x7f0000000180)={@void, @val, @mpls={[], @ipv4=@dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x84, 0x0, @remote, @rand_addr=0xfffffff7}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d404c6", 0x0, "812300"}}}}}, 0x2e) 14:12:58 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x0, 0x40000, 0x7}) 14:12:58 executing program 1: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=ANY=[@ANYBLOB="3800000024000b0400"/20, @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100706965000c0002000800020000000000"], 0x38}}, 0x0) 14:12:58 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f0000000280)=0x1) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003740)='NLBL_UNLBL\x00') r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x48, 0x3, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x200}]}, 0x48}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="6000000030a4ff5117df45b6786a4261850a9b5219a53afb68795f6b2783b535fb70b7bd9313a4021cea0bc9d5121899fc", @ANYRES16=r5, @ANYRES16=r6], 0x3}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r4, 0x710, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010101}, @NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:bin_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_batadv\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000000) r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3d, 0x0, 0x0, 0x0, 0x0, 0x3], 0x5000, 0x20000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) 14:12:58 executing program 3: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000007fd80000001f0000000600000010040000e002000038020000800100003802000038020000780300007803000078030000780300007803000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e70000000000000000000000000000000000c000e80000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000000000000000000028007365740000000000000000000000000000000000000000000000000000010000000000000000280054544c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff000000000000007000980000000000000000000000000000000000000000002800445343500000000000000000000000000000000000ae51474821ccc6cd000000000000000000e0000002ec1414aa00000000000000000000000000000000000000000000000065707370616e30000000000000000000000000000000000000000000003300000000000000000000000000000000000000000000000000007000b80000000000000000000000000000000000000000004800544545000000000000000000000000000000000000000000000000000001ff0200000000000000000000000000016772653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000033de000000000000000000000000000000000000000000000000000000000000007000a800000000000000000000000000000000000000000038005345540000000000000000000000000000000000000000000000000000030000040000000000000000acc5e32c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000000000000000000000000000000000280054544c0000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000040000000000000000000000000000000000000000000000200000feffffff"], 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r0, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) 14:12:58 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x0, 0x40000, 0x7}) [ 473.051946] Cannot find set identified by id 0 to match 14:12:58 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x0, 0x7}) 14:12:58 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000007fd80000001f0000000600000010040000e002000038020000800100003802000038020000780300007803000078030000780300007803000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e70000000000000000000000000000000000c000e80000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000000000000000000028007365740000000000000000000000000000000000000000000000000000010000000000000000280054544c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff000000000000007000980000000000000000000000000000000000000000002800445343500000000000000000000000000000000000ae51474821ccc6cd000000000000000000e0000002ec1414aa00000000000000000000000000000000000000000000000065707370616e30000000000000000000000000000000000000000000003300000000000000000000000000000000000000000000000000007000b80000000000000000000000000000000000000000004800544545000000000000000000000000000000000000000000000000000001ff0200000000000000000000000000016772653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000033de000000000000000000000000000000000000000000000000000000000000007000a800000000000000000000000000000000000000000038005345540000000000000000000000000000000000000000000000000000030000040000000000000000acc5e32c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000000000000000000000000000000000280054544c0000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000040000000000000000000000000000000000000000000000200000feffffff"], 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r0, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) 14:12:58 executing program 5: timer_create(0x3, 0x0, &(0x7f0000000200)) 14:12:58 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x0, 0x7}) 14:12:58 executing program 5: [ 473.229167] ip_tables: iptables: counters copy to user failed while replacing table [ 473.402709] *** Guest State *** [ 473.406099] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 473.415361] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 473.424426] CR3 = 0x00000000fffbc000 [ 473.428221] RSP = 0x0000000000000000 RIP = 0x0000000000005000 [ 473.434451] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 473.440747] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 473.447577] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 473.456074] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 473.464265] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 473.473282] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 473.481442] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 473.490089] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 473.498207] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 473.506522] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 473.514895] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 473.523453] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 473.532000] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 473.538469] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 473.546628] Interruptibility = 00000000 ActivityState = 00000000 [ 473.553309] *** Host State *** [ 473.556706] RIP = 0xffffffff8117dacf RSP = 0xffff88808fe679b0 [ 473.562948] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 473.569747] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 473.577702] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 473.583963] CR0=0000000080050033 CR3=0000000097b68000 CR4=00000000001426e0 [ 473.591311] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 473.598062] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 473.604907] *** Control State *** [ 473.608459] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 473.615486] EntryControls=0000d1ff ExitControls=002fefff [ 473.621356] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 473.628375] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 473.635475] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 473.642302] reason=80000021 qualification=0000000000000000 [ 473.648994] IDTVectoring: info=00000000 errcode=00000000 [ 473.654511] TSC Offset = 0xfffffeff2fa3fd94 [ 473.659039] EPT pointer = 0x0000000092af001e [ 473.663520] Virtual processor ID = 0x0001 [ 475.310064] NOHZ: local_softirq_pending 08 14:13:01 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xe3cb}}}, 0x78) ptrace$cont(0x9, r1, 0x0, 0x0) 14:13:01 executing program 5: 14:13:01 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x0, 0x7}) 14:13:01 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000240)='\x00') r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x2000, 0x0) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x64, r6, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_DST={0x14, 0x1, @private0={0xfc, 0x0, [], 0x1}}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x9}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x70}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4e81}, @SEG6_ATTR_SECRET={0xc, 0x4, [0xd95, 0x3]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x99a}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x80]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x6000800) 14:13:01 executing program 3: 14:13:01 executing program 1: 14:13:01 executing program 1: 14:13:01 executing program 5: 14:13:01 executing program 3: 14:13:01 executing program 1: 14:13:01 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000}) 14:13:01 executing program 5: [ 476.284943] *** Guest State *** [ 476.288365] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 476.297923] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 476.307240] CR3 = 0x00000000fffbc000 [ 476.311729] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 476.317818] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 476.325062] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 476.332782] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 476.341339] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.349920] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.357902] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.366472] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.375034] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.383322] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 476.391749] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 476.400057] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 476.408110] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 476.416190] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 476.422864] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 476.430466] Interruptibility = 00000000 ActivityState = 00000000 [ 476.436746] *** Host State *** [ 476.440117] RIP = 0xffffffff8117dacf RSP = 0xffff88804d52f9b0 [ 476.446248] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 476.452832] FSBase=00007f8986645700 GSBase=ffff8880aeb00000 TRBase=fffffe0000003000 [ 476.460829] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 476.466807] CR0=0000000080050033 CR3=000000008c6e0000 CR4=00000000001426e0 [ 476.473936] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 476.480766] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 476.486921] *** Control State *** [ 476.492158] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 476.499299] EntryControls=0000d1ff ExitControls=002fefff [ 476.504834] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 476.511967] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 476.518808] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 476.525485] reason=80000021 qualification=0000000000000000 [ 476.531965] IDTVectoring: info=00000000 errcode=00000000 [ 476.537501] TSC Offset = 0xfffffefda398824e [ 476.541959] EPT pointer = 0x00000000a046701e [ 476.546408] Virtual processor ID = 0x0001 14:13:04 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:13:04 executing program 3: 14:13:04 executing program 1: 14:13:04 executing program 5: 14:13:04 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000}) 14:13:04 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0xff, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:13:04 executing program 3: 14:13:04 executing program 1: 14:13:04 executing program 5: [ 479.114011] *** Guest State *** [ 479.117354] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 14:13:04 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x536d9511, 0x1820a, 0xd3d851e8b9dd0f66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x36121}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xffffffffffffff98) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000006ffc), 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000400)="bc35312fb6780c085305926d7293ae381726ec1c2611ca1d6cdd9b1155a5f31232ea6b425e00d37f718c653c0376346ba60f37e62797727227db14360a2d90071d5fa8edfe67c8e4e83441e02acc3f2d822b272010324f4d62ac635bbbf252ae0563ce52df6e871905560ad7d3a73010298605a736d2f8c031664090f3", 0x7d) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000240)={@any, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[0xb, 0x14, 0x114], 0x2, 0x400, 0x1ff, 0x40000}) 14:13:04 executing program 3: 14:13:04 executing program 5: [ 479.160700] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 479.199111] CR3 = 0x00000000fffbc000 [ 479.205454] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 479.223559] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 479.236877] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 479.267549] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 479.282962] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.321355] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.335237] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.349634] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.359845] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.368929] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 479.377470] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 479.386856] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 479.403251] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 479.411534] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 479.417946] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 479.425547] Interruptibility = 00000000 ActivityState = 00000000 [ 479.432521] *** Host State *** [ 479.435727] RIP = 0xffffffff8117dacf RSP = 0xffff888089e4f9b0 [ 479.442009] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 479.448847] FSBase=00007f8986666700 GSBase=ffff8880aeb00000 TRBase=fffffe0000034000 [ 479.456643] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 479.462603] CR0=0000000080050033 CR3=000000009404f000 CR4=00000000001426e0 [ 479.469685] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 479.476349] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 479.482498] *** Control State *** [ 479.485946] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 479.492710] EntryControls=0000d1ff ExitControls=002fefff [ 479.498289] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 479.505216] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 479.511947] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 479.518625] reason=80000021 qualification=0000000000000000 [ 479.524940] IDTVectoring: info=00000000 errcode=00000000 [ 479.530445] TSC Offset = 0xfffffefc1fd1947a [ 479.534760] EPT pointer = 0x000000009687901e [ 479.539237] Virtual processor ID = 0x0001 [ 479.564180] *** Guest State *** [ 479.567512] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 479.577432] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 479.587710] CR3 = 0x00000000fffbc000 [ 479.592023] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 479.598676] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 479.604717] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 479.612231] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 479.620917] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.629551] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.637622] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.646438] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.654705] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 479.662801] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 479.670847] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 479.678905] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 479.686880] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 479.695434] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 479.701967] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 479.709567] Interruptibility = 00000000 ActivityState = 00000000 [ 479.715799] *** Host State *** [ 479.719094] RIP = 0xffffffff8117dacf RSP = 0xffff888089e4f9b0 [ 479.725067] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 479.731542] FSBase=00007f8986666700 GSBase=ffff8880aea00000 TRBase=fffffe0000034000 [ 479.739419] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 479.745326] CR0=0000000080050033 CR3=000000009404f000 CR4=00000000001426f0 [ 479.752405] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff866018a0 [ 479.763852] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 479.769975] *** Control State *** [ 479.773429] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 479.780163] EntryControls=0000d1ff ExitControls=002fefff [ 479.785629] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 479.792964] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 479.799741] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 479.806319] reason=80000021 qualification=0000000000000000 [ 479.812699] IDTVectoring: info=00000000 errcode=00000000 [ 479.818882] TSC Offset = 0xfffffefbe1f0162a [ 479.823204] EPT pointer = 0x000000009371101e [ 479.827594] Virtual processor ID = 0x0001 14:13:07 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:13:07 executing program 1: 14:13:07 executing program 5: 14:13:07 executing program 3: 14:13:07 executing program 0: 14:13:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f00000000c0)=@in={0x2, 0x0, @initdev}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/103, 0x67}, {&(0x7f0000000000)=""/32, 0x20}], 0x2}, 0x100) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:13:07 executing program 1: 14:13:07 executing program 5: 14:13:07 executing program 3: 14:13:07 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) socket(0x0, 0x0, 0x0) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={[], 0x0, 0x3, 0x6}) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000840)={{0x0}}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 14:13:07 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(0x0, &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffa) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@func_proto={0x3, 0x2, 0x0, 0xd, 0x4000, [{}, {0x5}]}]}, {0x0, [0x0, 0x0]}}, &(0x7f00000001c0)=""/219, 0x38, 0xdb, 0x8}, 0x20) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700) r1 = semget$private(0x0, 0x0, 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$SCSI_IOCTL_START_UNIT(r2, 0x5) semop(r1, 0x0, 0x0) semop(0x0, 0x0, 0x0) semctl$GETALL(r1, 0x0, 0xd, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, r0, 0x3}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r3, 0x0, r4) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000780)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f8000003000000300300009802000000e2ffffff00000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c10000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001300000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400700098000000000000000000000000000000ecff000000002800000000000000"], 0x1) sendmsg$NFT_MSG_GETOBJ_RESET(r5, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x15, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) 14:13:07 executing program 1: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semctl$SEM_STAT_ANY(0x0, 0x3, 0x10, 0x0) [ 482.374081] *** Guest State *** [ 482.402415] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 482.414191] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 482.432932] CR3 = 0x00000000fffbc000 [ 482.446913] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 482.453776] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 482.463235] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 482.470320] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 482.480578] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 482.489176] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 482.497253] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 482.505456] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 482.513743] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 482.522026] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 482.530524] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 482.538661] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 482.546689] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 482.554852] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 482.561430] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 482.569006] Interruptibility = 00000000 ActivityState = 00000000 [ 482.575339] *** Host State *** [ 482.578722] RIP = 0xffffffff8117dacf RSP = 0xffff88804da2f9b0 [ 482.584761] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 482.591490] FSBase=00007f8986645700 GSBase=ffff8880aea00000 TRBase=fffffe0000003000 [ 482.599917] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 482.605914] CR0=0000000080050033 CR3=000000008fc9f000 CR4=00000000001426f0 [ 482.613106] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff866018a0 [ 482.619897] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 482.626034] *** Control State *** [ 482.629587] PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2 [ 482.636286] EntryControls=0000d1ff ExitControls=002fefff [ 482.641929] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 482.649035] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 482.655832] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 482.662762] reason=80000021 qualification=0000000000000000 [ 482.669509] IDTVectoring: info=00000000 errcode=00000000 [ 482.675042] TSC Offset = 0xfffffefa60e77c4e [ 482.680513] EPT pointer = 0x000000008c5c701e [ 482.684924] Virtual processor ID = 0x0001 14:13:10 executing program 2: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000000000000025d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc00000000000000000000000000000068e9d3a60a6638d827e6b924fa38cb0ac9a54e6717be51823a60c823ae54f0f62e726a997709e4f607e04587cc1e6ffdd38bac11ef386a6345c45249749969439ffd339708a8db36eff87d320034e4acdb77ad04e6071c248ecaba793a4f7c1b09632388cd8558c93fba01c0f3736bb72ca1e78542e11f939f0265c321aba72a56c891cc69a0b4dafbc31dadd5d935266994d6b13f483f4cc8ca4172e39d1f4eabf12903027e870e56a000c308526cc9c456704d52e234f85a0f395f32fd", 0x106}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 14:13:10 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x91a4e500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() pause() tkill(r2, 0x33) 14:13:10 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(0x0, &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffa) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@func_proto={0x3, 0x2, 0x0, 0xd, 0x4000, [{}, {0x5}]}]}, {0x0, [0x0, 0x0]}}, &(0x7f00000001c0)=""/219, 0x38, 0xdb, 0x8}, 0x20) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700) r1 = semget$private(0x0, 0x0, 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$SCSI_IOCTL_START_UNIT(r2, 0x5) semop(r1, 0x0, 0x0) semop(0x0, 0x0, 0x0) semctl$GETALL(r1, 0x0, 0xd, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, r0, 0x3}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r3, 0x0, r4) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000780)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f8000003000000300300009802000000e2ffffff00000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c10000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001300000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400700098000000000000000000000000000000ecff000000002800000000000000"], 0x1) sendmsg$NFT_MSG_GETOBJ_RESET(r5, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x15, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) 14:13:10 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000803, 0x5f) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) openat$vga_arbiter(0xffffff9c, 0x0, 0x0, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = open(&(0x7f0000000100)='./file1\x00', 0x143042, 0x0) ftruncate(r3, 0x200004) sendfile(r0, r3, 0x0, 0x80001d00c0d0) 14:13:10 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) socket(0x0, 0x0, 0x0) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={[], 0x0, 0x3, 0x6}) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000840)={{0x0}}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 14:13:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000000)=0x57db2527d6ad3f5e) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$TCSETSF2(r3, 0x402c542d, &(0x7f00000000c0)={0x6, 0x0, 0x5, 0x9, 0x5, "47d865d17ed8d61a841e5aca9ac3dcb9593cc6", 0xffff, 0x5c8}) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x20000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:13:10 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) socket(0x0, 0x0, 0x0) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={[], 0x0, 0x3, 0x6}) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000840)={{0x0}}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 14:13:10 executing program 3: socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ipip={{0x9, 0x1, 'ipip\x00'}, {0x24, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r4}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x80}, @IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e24}, @IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e22}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x64}}, 0x0) 14:13:10 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf32(r0, 0x0, 0x0) 14:13:10 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ftruncate(r1, 0x208200) r2 = open(&(0x7f0000000200)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r2, 0x0) 14:13:10 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000100)={@local, @empty, @val={@val={0x8100}}, {@ipv6}}, 0x0) 14:13:10 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) socket(0x0, 0x0, 0x0) r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={[], 0x0, 0x3, 0x6}) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000840)={{0x0}}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) [ 485.557649] audit: type=1800 audit(1588169590.793:71): pid=30243 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed" comm="syz-executor.1" name="file1" dev="sda1" ino=16716 res=0 [ 485.687870] *** Guest State *** [ 485.691239] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 485.705256] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 485.715189] CR3 = 0x00000000fffbc000 [ 485.727042] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 485.735874] RFLAGS=0x00020002 DR7 = 0x0000000000000400 [ 485.743957] ================================================================== [ 485.751555] BUG: KASAN: use-after-free in do_blk_trace_setup+0xa5b/0xad0 [ 485.758390] Read of size 8 at addr ffff888092693280 by task syz-executor.0/30270 [ 485.765905] [ 485.767526] CPU: 1 PID: 30270 Comm: syz-executor.0 Not tainted 4.14.177-syzkaller #0 [ 485.775397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 485.784743] Call Trace: [ 485.787326] dump_stack+0x13e/0x194 [ 485.790955] ? do_blk_trace_setup+0xa5b/0xad0 [ 485.795438] print_address_description.cold+0x7c/0x1e2 [ 485.800703] ? do_blk_trace_setup+0xa5b/0xad0 [ 485.805181] kasan_report.cold+0xa9/0x2ae [ 485.809317] do_blk_trace_setup+0xa5b/0xad0 [ 485.813624] blk_trace_setup+0xa3/0x120 [ 485.817581] ? do_blk_trace_setup+0xad0/0xad0 [ 485.822073] ? trace_hardirqs_on_caller+0x3f6/0x590 [ 485.827081] ? check_preemption_disabled+0x35/0x240 [ 485.832080] ? retint_kernel+0x2d/0x2d [ 485.835950] sg_ioctl+0x2f9/0x2620 [ 485.839471] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 485.844210] ? sg_new_write.isra.0+0x8c0/0x8c0 [ 485.848786] ? retint_kernel+0x2d/0x2d [ 485.852662] ? do_vfs_ioctl+0x76/0xfe0 [ 485.856545] ? sg_new_write.isra.0+0x8c0/0x8c0 [ 485.861121] do_vfs_ioctl+0x75a/0xfe0 [ 485.864915] ? selinux_file_mprotect+0x5c0/0x5c0 [ 485.869662] ? ioctl_preallocate+0x1a0/0x1a0 [ 485.874067] ? security_file_ioctl+0x76/0xb0 [ 485.878464] ? security_file_ioctl+0x83/0xb0 [ 485.882858] SyS_ioctl+0x7f/0xb0 [ 485.886209] ? do_vfs_ioctl+0xfe0/0xfe0 [ 485.890170] do_syscall_64+0x1d5/0x640 [ 485.894044] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 485.899214] RIP: 0033:0x45c829 [ 485.902395] RSP: 002b:00007f3a557b3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 485.910099] RAX: ffffffffffffffda RBX: 00000000004e1540 RCX: 000000000045c829 [ 485.917351] RDX: 0000000020000140 RSI: 00000000c0481273 RDI: 0000000000000005 [ 485.924617] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 485.931869] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 485.939332] R13: 000000000000022a R14: 00000000004c4506 R15: 00007f3a557b46d4 [ 485.946608] [ 485.948222] Allocated by task 30270: [ 485.951936] save_stack+0x32/0xa0 [ 485.955377] kasan_kmalloc+0xbf/0xe0 [ 485.959073] kmem_cache_alloc_trace+0x14d/0x7b0 [ 485.963732] do_blk_trace_setup+0x11e/0xad0 [ 485.968039] blk_trace_setup+0xa3/0x120 [ 485.972014] sg_ioctl+0x2f9/0x2620 [ 485.975540] do_vfs_ioctl+0x75a/0xfe0 [ 485.979319] SyS_ioctl+0x7f/0xb0 [ 485.982682] do_syscall_64+0x1d5/0x640 [ 485.986550] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 485.991715] [ 485.993323] Freed by task 30275: [ 485.996672] save_stack+0x32/0xa0 [ 486.000107] kasan_slab_free+0x75/0xc0 [ 486.003972] kfree+0xcb/0x260 [ 486.007055] blk_trace_remove+0x52/0x80 [ 486.011008] sg_ioctl+0x22a/0x2620 [ 486.014529] do_vfs_ioctl+0x75a/0xfe0 [ 486.018310] SyS_ioctl+0x7f/0xb0 [ 486.021656] do_syscall_64+0x1d5/0x640 [ 486.025537] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 486.030715] [ 486.032336] The buggy address belongs to the object at ffff888092693240 [ 486.032336] which belongs to the cache kmalloc-128 of size 128 [ 486.044973] The buggy address is located 64 bytes inside of [ 486.044973] 128-byte region [ffff888092693240, ffff8880926932c0) [ 486.056740] The buggy address belongs to the page: [ 486.061661] page:ffffea000249a4c0 count:1 mapcount:0 mapping:ffff888092693000 index:0xffff8880926930c0 [ 486.071086] flags: 0xfffe0000000100(slab) [ 486.075218] raw: 00fffe0000000100 ffff888092693000 ffff8880926930c0 0000000100000014 [ 486.083092] raw: ffffea00028114e0 ffffea00029e0520 ffff88812fe54640 0000000000000000 [ 486.090950] page dumped because: kasan: bad access detected [ 486.096639] [ 486.098245] Memory state around the buggy address: [ 486.103155] ffff888092693180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 486.110506] ffff888092693200: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 486.117856] >ffff888092693280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 486.125214] ^ [ 486.128569] ffff888092693300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 486.135913] ffff888092693380: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 486.143258] ================================================================== [ 486.150618] Disabling lock debugging due to kernel taint [ 486.174669] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 486.186479] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 486.209912] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 486.218552] Kernel panic - not syncing: panic_on_warn set ... [ 486.218552] [ 486.225928] CPU: 1 PID: 30270 Comm: syz-executor.0 Tainted: G B 4.14.177-syzkaller #0 [ 486.232664] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 486.235016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.235020] Call Trace: [ 486.235035] dump_stack+0x13e/0x194 [ 486.235046] panic+0x1f9/0x42d [ 486.235053] ? add_taint.cold+0x16/0x16 [ 486.235062] ? preempt_schedule_common+0x4a/0xc0 [ 486.235071] ? do_blk_trace_setup+0xa5b/0xad0 [ 486.235081] ? ___preempt_schedule+0x16/0x18 [ 486.235092] ? do_blk_trace_setup+0xa5b/0xad0 [ 486.235100] kasan_end_report+0x43/0x49 [ 486.235109] kasan_report.cold+0x12f/0x2ae [ 486.235120] do_blk_trace_setup+0xa5b/0xad0 [ 486.243663] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 486.252440] blk_trace_setup+0xa3/0x120 [ 486.252449] ? do_blk_trace_setup+0xad0/0xad0 [ 486.252459] ? trace_hardirqs_on_caller+0x3f6/0x590 [ 486.252469] ? check_preemption_disabled+0x35/0x240 [ 486.252479] ? retint_kernel+0x2d/0x2d [ 486.252488] sg_ioctl+0x2f9/0x2620 [ 486.252498] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 486.252506] ? sg_new_write.isra.0+0x8c0/0x8c0 [ 486.252512] ? retint_kernel+0x2d/0x2d [ 486.252529] ? do_vfs_ioctl+0x76/0xfe0 [ 486.252535] ? sg_new_write.isra.0+0x8c0/0x8c0 [ 486.252544] do_vfs_ioctl+0x75a/0xfe0 [ 486.252555] ? selinux_file_mprotect+0x5c0/0x5c0 [ 486.252564] ? ioctl_preallocate+0x1a0/0x1a0 [ 486.252577] ? security_file_ioctl+0x76/0xb0 [ 486.252585] ? security_file_ioctl+0x83/0xb0 [ 486.252594] SyS_ioctl+0x7f/0xb0 [ 486.252602] ? do_vfs_ioctl+0xfe0/0xfe0 [ 486.252611] do_syscall_64+0x1d5/0x640 [ 486.252622] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 486.252629] RIP: 0033:0x45c829 [ 486.252634] RSP: 002b:00007f3a557b3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 486.252642] RAX: ffffffffffffffda RBX: 00000000004e1540 RCX: 000000000045c829 [ 486.252647] RDX: 0000000020000140 RSI: 00000000c0481273 RDI: 0000000000000005 [ 486.252652] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 486.252657] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 486.252661] R13: 000000000000022a R14: 00000000004c4506 R15: 00007f3a557b46d4 [ 486.254041] Kernel Offset: disabled [ 486.443815] Rebooting in 86400 seconds..